The Illinois Shines Program Administrator has been alerted to phishing attempts sent via email this week to stakeholders. The messages show a sender and email address that appears to be from Docusign – a software used by the Program to manage electronic agreements and electronic signatures – and which uses some Docusign branding. The message shared with the Program Administrator indicates “Illinois Shines and Illinois Power Agency sent you a document to review and sign,” and request recipients click a “Review Document” button. These emails have not been sent from the Program nor the IPA and are not legitimate notices. They should not be responded to, and recipients should not click the link(s) in the message. All official Illinois Shines emails should come from @illinoisshines.com or @energy-solution.com, and any emails from the IPA will end with @illinois.gov. Any requests from the Program to sign documents sent via Docusign, which the Program provides notice that it will send, will come from Illinois Shines emails that end in @illinoisshines.com or @energy-solution.com. If you are unsure if an email is legitimate please contact the Program Administrator for confirmation.
These emails look official, as they include the Illinois Shines and Illinois Power Agency names and the Docusign logo, but phishing emails are fraudulent messages that attempt to deceive recipients into providing sensitive information, or installing malware (such as viruses, worms, adware, or ransomware) by clicking on links or replying to the message. Phishing attempts may include unusual sender domains or addresses, a link going to a non-Illinois Shines site or attachments that should not be clicked, and other suspicious language and format. Although this email may appear legitimate, it is not. If you clicked the attachment in the phishing email (or are unsure if you may have) and if you believe you subsequently shared Program Portal credentials, please alert the Program Administrator and change your Program Portal password immediately.
The Program thanks stakeholders for alerting the Program Administrator to these emails and recommends individual recipients contact their company’s system administrators to report the messages. More information regarding this phishing attempt will be provided after the Program further investigates these issues.
Should you have any questions, please contact the Program at [email protected] or (877) 783-1820.