Cybercriminals are exploiting DocuSign's Envelope API to send fraudulent invoices and payment requests, leading to Business Email Compromise attacks. By gaining access to DocuSign's API, attackers create documents that appear to be genuine invoices, which victims e-sign. The attackers then use these signed documents to convince corporate billing departments to authorize unauthorized payments. Despite DocuSign not offering invoicing or payment capabilities, hackers are utilizing the company's own API to facilitate these scams, effectively turning DocuSign's services against its users. Security experts advise users to be cautious when using DocuSign, as the platform's API exploitation presents new risks for businesses.