Then it asked me to download a PDF file, which is just a type of document. But when I clicked on it, it tried to download an EXE file. EXE means "executable" and it's a program. I don't know what that program would have done if I had let it onto my computer, but I'd bet the farm it wouldn't be good.
This is why it's so important to pay attention to the details of emails. I put together a helpful guide that can teach you how to spot phishing emails like this one. Click here to read it. When you do get a phishing email, you should delete it immediately. If this DocuSign scam shows up in your inbox, you could also take a second to forward it to the company's security department at firstname.lastname@example.org before trashing it forever.
Think you're a pro at spotting scam emails? See if you can find the five problems with this fake email from Amazon. Click here to test your phishing detection skills.