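That Docusign Email From Apple Pay Is a Scam
Content source: https://lifehacker.com/tech/docusign-apple-pay-scam?utm_medium=RSS
Summary:
Beware of a new phishing email scam: fraudsters impersonate DocuSign and falsely claim a problem with Apple Pay
Recently, cybersecurity organizations identified a new phishing campaign. The scammers pose as the e-signature provider DocuSign and send recipients a forged "Apple Pay subscription receipt". The email carries Apple and DocuSign branding and a fake order ID, and tells the recipient to call a supposed "Apple support number" to resolve the unexpected charge.
The scam reportedly has the following characteristics:
- It exploits public trust in well-known brands to create a sense of urgency, using an "account problem" as the pretext to get users to contact fake support;
- The phone number actually connects to the criminal group, which tries to extract sensitive information such as the Apple ID and bank account details, or to talk the victim into installing remote access software;
- The sender addresses use disguised domains (including public mail services such as Gmail), and often use lookalike characters to evade spam filters.
DocuSign has officially confirmed that the company never sends transaction receipts or invoices through its platform. Security experts recommend:
- Stay alert when you receive a DocuSign document you were not expecting
- Verify any account issue through the official app or website
- Forward suspicious emails to spam@docusign.com to report them
Users can check their App Store or Wallet transaction history to confirm whether a charge is real, and so avoid disclosing personal information in a moment of panic.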
English source:
If you receive an unsolicited email that appears to come from Docusign, don't trust it without verifying its origin first. Scammers are once again impersonating the e-signature provider in a phishing campaign that leads recipients to believe there is a problem with their Apple Pay accounts.
Docusign is no stranger to scams: Threat actors often use the company's trusted reputation to impersonate real people and organizations, sending links to (fake) invoices, refund notices, employment contracts, and even legal documents in hopes of collecting sensitive information.
How the Docusign Apple Pay scam works
The latest Docusign scam, identified by staff at both AppleInsider and CyberGuy, starts with an email that, at first glance, looks like a receipt for a subscription purchased through Apple Pay. There's branding from Apple and Docusign as well as an order ID, and the message directs you to call the included Apple support line if you don't recognize the charge.
The phone number obviously isn't Apple's—instead, you'll reach the scammers, who will try to extract information like your Apple ID and bank account number, convince you to download remote access software, or demand payment to protect your account. Phishing emails also often include malicious links or attachments.
Docusign scam red flags
Like all scams, this one plays on emotions like fear and a sense of urgency to fix an apparent problem with your account. It also relies on user trust in the brands being impersonated so you're more likely to engage.
There are a few other ways to identify this campaign as a fraud. For one, the message doesn't originate from an official Apple or Docusign domain—those sent to AppleInsider came from a Gmail address. (Note that sender names may include lookalike characters that are harder to spot and can evade spam filters.) For another, major companies don't use Docusign to send receipts or invoices. If you cross-check against your App Store or Wallet transactions, you won't find this fake one listed.
In general, you shouldn't engage with anything from Docusign that you weren't aware of prior to receipt. And always go directly to a company's website or app to log into your account or find contact information to verify any suspicious claims. You can report spoofed Docusign emails to spam[at]docusign[dot]com.
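The sender red flags above (a brand name in the display name, a non-brand sending domain, lookalike characters) can be checked mechanically on the From header. The following is an added example, not code from the article, Docusign or Apple; the domain allow-list, the lookalike map and the sample headers are assumptions constructed for illustration.

```python
import unicodedata
from email.header import decode_header, make_header
from email.utils import parseaddr

# Assumption: per-brand allow-list of sender domains; adjust to your mail flow.
BRAND_DOMAINS = {
    "apple": {"apple.com"},
    "docusign": {"docusign.com", "docusign.net"},
}
# Partial, constructed map of Cyrillic/Greek/IPA letters that render like Latin.
CONFUSABLES = str.maketrans({
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",
    "\u0441": "c", "\u0455": "s", "\u0456": "i", "\u0501": "d",
    "\u0261": "g", "\u03bf": "o", "\u03c1": "p", "\u03c5": "u",
})

def skeleton(text):
    """Fold compatibility forms and known lookalikes to plain lowercase Latin."""
    folded = unicodedata.normalize("NFKC", text).lower().translate(CONFUSABLES)
    decomposed = unicodedata.normalize("NFKD", folded)
    # Drop combining marks (accents) left over after decomposition.
    return "".join(c for c in decomposed if not unicodedata.combining(c))

def check_from(header):
    """Return the sorted red flags for one raw From header value."""
    raw_name, addr = parseaddr(header)
    # Decode RFC 2047 encoded-words only after the address has been split off.
    name = str(make_header(decode_header(raw_name)))
    domain = addr.rpartition("@")[2].lower()
    flags = set()
    for brand, domains in BRAND_DOMAINS.items():
        if brand not in skeleton(name):  # substring match: expect some noise
            continue
        if brand not in name.lower():
            flags.add("lookalike-chars:" + brand)
        if not any(domain == d or domain.endswith("." + d) for d in domains):
            flags.add("brand-domain-mismatch:" + brand)
    return sorted(flags)

# Constructed sample headers, not taken from the campaign.
SAMPLES = [
    "=?utf-8?q?D=D0=BEcusign?= <billing.receipts@gmail.com>",
    "Apple Pay via Docusign <receipts.team@gmail.com>",
    "Docusign <noreply@mail.docusign.net>",
]

if __name__ == "__main__":
    for h in SAMPLES:
        print(h, "->", check_from(h))
```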