Cyber Threat Alert: Scammers Are Mimicking Trusted Platforms

August 26, 2025 , , B Q 0

Is your business prepared to handle the newest wave of online scams? Security experts from DomainTools Investigations (DTI) have uncovered a troubling trend. Cybercriminals are using lookalike versions of trusted platforms like DocuSign and Gitcode to trick users into compromising their systems. Here’s what you need to know to protect your team and your data.

How These Attacks Fool Users

Platforms like DocuSign and Gitcode are staples in many businesses. Whether you’re signing documents or managing code, they offer convenience and efficiency. This popularity, however, makes them prime targets for deception.

DTI researchers have shared how attackers are coding their schemes:

  • Spoofed websites: Cybercriminals build fake pages that closely resemble the real ones. These links often find their way to users through phishing emails, fake ads, or misleading messages.
  • False verification steps: A convincing CAPTCHA screen may appear, asking you to confirm you’re human. However, behind the scenes, it’s copying a dangerous PowerShell script to your clipboard.
  • Triggering the breach: If that script is run using the Windows Run command, it kicks off a download process that brings in more malicious code.
  • Installing malware: This process eventually leads to the deployment of a remote access trojan (RAT) known as NetSupport. Once on your system, it allows attackers to monitor activity, steal data, and spread the infection to other systems in your network.

Recognizing Signs of Remote Access Malware

RATs are designed to be stealthy, which makes detection tough. Still, some red flags might point to a hidden threat:

  • Your antivirus software is suddenly unstable or won’t stay open
  • Devices feel sluggish or begin freezing without warning
  • Web browsers behave oddly or redirect to unrelated pages
  • Unfamiliar programs appear out of nowhere

If you notice any of these issues across your systems, it’s time to act. Disconnect affected devices from the network immediately and alert your IT team or a qualified cybersecurity expert to assess further.

Smart Practices to Reduce Your Risk

Stopping these threats before they spread is the best defense. Your cybersecurity process should include several key habits:

  • Keep your team informed: Cyber awareness should be part of regular employee training. Helping your staff understand what suspicious activity looks like will reduce the chance of a successful attack.
  • Use secure credentials: Encourage the use of unique, hard-to-guess passwords and enable two-factor authentication wherever possible.
  • Maintain good antivirus protection: Make sure your digital defense tools are capable of spotting a wide range of threats and are set up to block suspicious behavior automatically.
  • Stay up to date: Apply software and system updates promptly. Outdated programs are often the easiest way for bad actors to enter your network.

Why Staying Proactive Matters

Hackers aren’t standing still. As technology improves, so do their methods. What looks like a familiar website could be a trap set up to take control of your systems. The warning issued by DTI is a reminder that strong cybersecurity isn’t optional; it’s essential.

Taking action now helps prevent damage later. Keep your team alert, your systems protected, and your cybersecurity practices current. Staying ahead of cyber threats means treating your digital safety with the same seriousness as any other part of your business operations.