eSign Incident Response

E-Sign’s trust and reputation are key, and as such we take security incidents very seriously.

Monitoring and Reporting Security Events

eSign’s trust and reputation are key, and as such, we take security incidents very seriously. Customer reporting of security threats and suspicious activity is especially effective, and you are an essential information security asset. Once we receive this information, we can assess and continue to produce the highest level of security protection, protecting you and ourselves against cybercrime. One of cybercriminals’ favourite pastimes is to try and hijack companies’ brand identities, especially legitimate domains, then launch spoofing or phishing attacks against various targets.

Spoofing and Impersonation

Spoofing occurs when the sender is using the exact target domain to send mail from. Impersonation is when the sender is attempting to send mail which is a lookalike, or perceivably similar to, a target domain, targeted user or brand

Reporting

E-Sign uses multiple security tools to prevent spoofing attacks, however, reporting is still essential to us being able to identify and act on attacks immediately. We must also remain vigilant against impersonation attacks and report accordingly. As a data processor, we are committed to keeping your data private, including regular vulnerability checks and annual government-approved third party penetration testing. We always adhere to the latest privacy legislation.

https://www.esign.co.uk/privacy/

Reporting a Potential Security Issue

If you need to report a potential security issue to E-Sign, please email: security@e-sign.co.uk

Reporting Phishing Emails

If you think you have received a fraudulent email from E-Sign, please email: security@e-sign.co.uk

Things To Look Out For:

Fake links

Avoid fake links by accessing your documents directly from no-reply@e-sign.co.uk

To check an email link is legitimate, always use your cursor to hover over the link before you click on it. You will be able to view the intended destination. All links from E-Sign will redirect to https://app.e-sign.co.uk/

Imitation Email Address

E-mails sent from E-Sign which request you sign an envelope routinely do not contain attachments, unless the sender as uploaded an attachment. If you are unsure, don’t click on the attachment, as you can access it once you have arrived at the document signing page on the E-Sign platform. Completed envelopes will contain an attachment of the signed document(s), however still pay close attention to ensure the attachment is a valid PDF file, not a ZIP or executable.

Attachments

E-mails sent from E-Sign that request you sign an envelope routinely do not contain attachments, unless the sender has uploaded an attachment. If you are unsure, don’t click on the attachment as you can access it once you have arrived at the document signing page on the E-Sign platform. Completed envelopes will contain an attachment of the signed document(s), however still pay close attention to ensure the attachment is a valid PDF file, not a ZIP or executable.

False Sense of Urgency

Crooks can try and scare you by creating a false sense of urgency to force you into action. You should be vigilant when receiving any emails with a sense of urgency attached.

Misspellings and Bad Grammar

Fake emails often contain misspellings, incorrect grammar and missing words. Their content may also be illogical. Check before acting.

Unsafe Sites/Deceptive URL

The term “https” should always precede any website that requests personal information. (The “s” stands for secure.) If you don’t see “https,” you’re not in a secure Web session, and shouldn’t enter any personal data. A legitimate E-Sign sign-in page address always starts with “https://.”

Pop-Up Boxes

We do not use pop-ups as a part of our email notifications. if you receive any pop up notifications it can be a sign that you are being scammed

Try eSign FREE for 14 Days

Try the UK's leading electronic signature online document signing service free, no credit card required

Try Us Free