MONTGOMERY – The Alabama Department of Revenue (ALDOR) received reports of a phishing scam that is abusing the legitimate Docusign platform and impersonating ALDOR. If you receive a similar email, DO NOT CLICK any of the links in the email.
This Docusign email notification appears legitimate and states, “Alabama Department of Revenue sent you a document to review and sign.” The sender’s domain name displays the legitimate docusign.net domain. However, the body of the email references an email address with a “macr2.com” domain, typically associated with disposable or temporary email addresses and often used in fraudulent activities and spam.
If you click the Review Document button in the email, you are directed to the Docusign platform. In this phishing scam, the threat actors added an extra step by including a malicious link and a QR code to open and review the document. Do not click or scan.
Recommendations:
- Exercise caution with email addresses from “macr2.com” or other disposable email domains.
- Exercise caution with communications from known senders or legitimate platforms.
- Confirm requests from senders via contact information obtained from verified and official sources. DO NOT click links, scan QR codes, or open attachments unless you are absolutely sure they are legitimate.
- Type official website URLs into browsers manually and only submit sensitive information on official websites.
- Keep systems and browsers up to date.
- Report malicious cyber activity to the NJCCIC and the FBI’s IC3.
Press Contact
Tax Policy and Governmental Affairs Division
taxpolicy@revenue.alabama.gov
334-242-1380