Fake “Image Has Been Sent” Evernote Emails Lead to Malicious Sites

Beware of fake Evernote notifications!

In case you come across a suspicious Evernote notification in your inbox, act with caution since it might be part of a cybercriminal campaign designed to lure users to malicious websites.

According to Dynamoo’s Blog, the fake emails appear to come from accounts@pcfa.co.in and they carry the subject line “Image has been sent.”

The emails look something like this:

“Image has been sent.
DSC_990341.jpg 33 Kbytes
Go To Evernote.

Copyright 2014 Evernote Corporation. All rights reserved”

The link doesn’t point to Evernote, but to one of many malicious websites set up to serve malware.

A list of the domains and IP addresses used by cybercriminals in this attack are available on Dynamoo’s Blog. The same group (RU:8080) is behind numerous spam runs, including ones that leverage the names of Pinterest, Dropbox, the BBB, and UPS.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s