This article describes a sophisticated phishing attack utilizing Webflow, a legitimate website builder, to create multi-layered deception involving fake DocuSign notifications and redirect links. The targeted approach includes fingerprinting and reconnaissance techniques to bypass security measures, emphasizing the importance of vigilance and preventive actions. #Webflow #Phishing #GoogleLogin
Keypoints
- The phishing campaign starts with an email claiming to be from a trusted contact about a completed DocuSign document.
- Attackers used Webflow preview URLs to make phishing links appear legitimate and evade detection.
- The malicious link performs fingerprinting and reconnaissance before redirecting to Googleβs login page.
- Phishers used CAPTCHA and redirection tactics to trick victims into revealing sensitive information.
- To defend against such attacks, users should clear browser data, enable 2FA, and use active antivirus solutions.
Read More: https://www.malwarebytes.com/blog/news/2025/06/fake-docusign-email-hides-tricky-phishing-attempt