Gaining trust is one thing, I wish you the very best of luck with that.
Not losing it is another.
The people to preserve trust with are all potential signatories
(ie. the public), not the initiating counterparties. Because there are
many more of them.
Of course this reputation problem is one you'll share with banks,
PayPal and every other "official" type entity that phishers want to
jump on.
Now most "Docusign" communications go straight to my spam folder or
/dev/null if arriving by email and not from (forwarded) a whitelisted
business I already have a relation with. Those that come directly from
Docusign (as sender even if DKIM passes) are ignored unless I think
there's a reason to be contacted.
Docusign is one of the juiciest spoofing targets for phishing attacks
because people act rashly to what they think is something requiring a
signature. They also have no timeout on repeat sends, relentlessly
spamming users to sign something, which makes them look exactly like,
well.... phish-spammers.
Not losing it is another.
The people to preserve trust with are all potential signatories (ie. the public), not the initiating counterparties. Because there are many more of them.
Of course this reputation problem is one you'll share with banks, PayPal and every other "official" type entity that phishers want to jump on.
Now most "Docusign" communications go straight to my spam folder or /dev/null if arriving by email and not from (forwarded) a whitelisted business I already have a relation with. Those that come directly from Docusign (as sender even if DKIM passes) are ignored unless I think there's a reason to be contacted.
Docusign is one of the juiciest spoofing targets for phishing attacks because people act rashly to what they think is something requiring a signature. They also have no timeout on repeat sends, relentlessly spamming users to sign something, which makes them look exactly like, well.... phish-spammers.
Try not to make these same mistakes as Docusign.