Cybersecurity researchers have identified a growing trend where cybercriminals exploit DocuSign APIs to send convincing fake invoices. Unlike traditional phishing scams that rely on spoofed emails with malicious links, these attacks use genuine DocuSign accounts and templates to mimic reputable brands, often slipping past security filters and misleading users into authorizing payments.

Source: Infosecurity