I sometimes cryptographically sign documents by using GPG. I do this as a way of showing that the document was really signed by me and that it has not been modified in any way. Placing an image of a hand written signature into a document gives a false sense of security as anybody can then replicate your signature.

Digital signatures such as the feature built into Adobe products (which use cryptography) can be useful, but only if done correctly such as having your signature validated by a Certificate Authority (CA) similar to how SSL/TLS works or by having people be able to retrieve a copy of your public key from a trusted source so they can verify themselves. Most of the time neither is done, making the signature absolutely pointless.

Signing the file

To sign a pdf document:

gpg --output doc.pdf.sig --detach-sig doc.pdf

When sending the document send both doc.pdf and doc.pdf.sig

Verifying the signed file

Download or otherwise obtain the public key from the person who signed the file. Verify the key has the correct key ID:

gpg --keyid-format long --list-options show-keyring public_key.asc

If it is correct, then import the key

gpg --import public_key.asc

You can then verify the file is signed with

gpg --verify doc.pdf.sig doc.pdf