Cyber expert shares tips to avoid AI phishing scams
Kurt ‘The CyberGuy’ Knutsson shares practical ways to avoid becoming a victim of AI-generated fraud and discusses a report that North Korean agents are posing as IT workers to fund the country’s nuclear program.
NEWNow you can listen to Fox News articles!
Most of us sign documents online without a second thought. A quick DocuSign request appears in your inbox. You click the link, review the document and go about your day. That convenience is exactly what scammers rely on. Recently, we received a message from a CyberGuy reader that shows just how convincing these scams can seem. In this case, the email appeared to be from a health licensing authority and asked the recipient to review a document related to a professional license renewal.
Here is an email we received from Susie, a registered nurse in Florida who almost fell for this scam.
“I’m a registered nurse, and my bi-annual renewal is coming up. Last month, I received a surprising (at least to me) email with a document to DocuSign from the state Board of Health. It didn’t feel right, even though I’ve used DocuSign many times in the past. Those events were known activities. I contacted the state board, sent them a SCAM and they reported the screen. Phishing message I want thank you, kurt, because it was up to you to question the authenticity of these contacts you’re giving me and saved me a lot of trouble, and all you nurses out there renewing your license. – Susie C, Orlando, FL
Susie did exactly what security experts recommended. He paused and confirmed the message before clicking anything. That one step almost stopped a phishing attack.
HACKERS USE APPLE PAY EMAILS.
Security experts warn that DocuSign scams use common Internet practices to steal passwords and gain access to personal or professional accounts. (Images / Getty Images)
Sign up for my FREE CyberGuy report
Get my top tech tips, emergency security alerts, and special deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join CYBERGUY.COM newspaper
What a suspicious DocuSign email looked like
Susie also shared a screenshot of the message she received. At first glance, the email looks normal. The green layout is similar to original DocuSign notifications. There is also a big yellow Document Review button. But one detail immediately stood out.
The email address sending the message was:
info.florida-department-of-health-email-notification@cc.ncu.edu.tw
That address is not associated with a US state health department.
Why DocuSign scams work so well
DocuSign is used by millions of businesses and government agencies. Because people expect these requests, they tend to click without hesitation. Fraudsters take advantage of that trend. DocuSign’s standard phishing email tries to create urgency. It may require a license renewal, contract revision, or payment form requiring immediate action. When you click the button, several things can happen:
- You may land on a fake login page designed to steal your email password.
- The site may tell you that you have downloaded a malicious file.
- The link may direct you to several phishing pages.
In most cases, the goal is simple. Attackers want your email credentials to take over your account or run more scams.
10 WAYS TO SECURE THE BIGGEST IN THE EMAIL WORLD
A Florida nurse avoided a DocuSign phishing scam after spotting a suspicious email bundled with a fake medical license renewal application. (Smith Collection/Gado/Getty Images)
Red flags in a DocuSign scam email
A few warning signs can help you spot a fake application quickly.
Suspicious sender address
Always check the sender’s background. Government agencies rarely send messages from outside educational domains such as .edu.tw. That alone indicates that something is wrong.
Unexpected documents
Official DocuSign applications usually follow a known interface. For example, the contract you negotiated or the documents you expected. An unexpected document should always raise questions.
The pressure to act quickly
Many phishing emails include language that encourages immediate action. The goal is to stop you from thinking. Take a moment before clicking any button.
Definitions of standard documents
The message shown in the screenshot simply says that the document is ready to be updated. It provides no real context or meaning. Legal documents usually include information about the job.
Clicking on the link could put you at risk
Many people think they will see a fake page. In fact, phishing sites look very convincing. Some scams even use fake DocuSign pages. Once victims enter their information, attackers gain access to their email accounts.
From there, criminals can:
- Reset passwords for financial services
- Send phishing emails to your contacts
- Search inboxes for sensitive documents
In health care operations, that risk may also reveal licensing information or patient-related communications.
APPLE EMAIL ALERT APPLE PASSWORD
Cybercriminals use fake DocuSign emails to trick users into clicking malicious links and providing sensitive login credentials. (Gabby Jones/Bloomberg via Getty Images)
Ways to stay safe from phishing scams at DocuSign
Fortunately, a few habits can greatly reduce your risk.
1) Confirm the request separately
If the document says it’s from a government agency or employer, contact them directly using a known phone number or website. Never use contact information contained within a suspicious email.
2) Hover over links before clicking
Hover your cursor over the button and check the destination link. If the URL looks strange or unrelated to DocuSign, don’t click on it.
3) Do not click on links and use strong antivirus software
If the email looks suspicious, do not click on the link or open any attachment. Strong anti-virus software can help block malicious downloads, warn you about dangerous websites and catch threats before they spread to your entire device. Find my picks for the best antivirus 2026 winners for your Windows, Mac, Android & iOS devices at Cyberguy.com
4) Use a data removal service
Fraudsters often collect personal information from data vendor sites and public records to make phishing emails seem more believable. A data removal service can help reduce your exposure online, making it harder for criminals to target you with convincing messages. Check out my top picks for data removal services and get a free scan to find out if your personal information is already out there on the web by visiting Cyberguy.com.
5) Access documents through official accounts
If you use DocuSign regularly, log in directly to the official website and check your pending documents there. That way avoids email pitfalls entirely.
6) Report phishing attempts
Report suspicious messages to your organization’s security team or the Federal Trade Commission’s phishing reporting system at ReportFraud.ftc.gov. The FTC also advises referring phishing emails to the Anti-Phishing Task Force at reportphishing@apwg.org. Reporting scams helps protect others from similar attacks.
Kurt’s priority is taking
Scams are successful because they blend into everyday routines. Signing documents online has become commonplace in workplace, healthcare licensing and financial documents. That’s easy and makes criminals completely invisible. Susie’s story shows how a moment of hesitation can stop a phishing attack before it starts. A quick phone call to the licensing board reveals the truth. The message was not valid.
Now the question is that every student should consider. If a DocuSign email arrives in your inbox right now, can you see the warning signs before clicking the button? Let us know by writing to us at Cyberguy.com
CLICK HERE TO DOWNLOAD THE FOX NEWS PROGRAM
Sign up for my FREE CyberGuy report
Get my top tech tips, emergency security alerts, and special deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join CYBERGUY.COM newspaper
Copyright 2026 CyberGuy.com. All rights reserved.
