Content Obfuscation via Image
External Compromised Account
Content Obfuscation via Image
Fake Document
Fake Document
Back to All Attacks
Attack Details
Attack Date:
May 18, 2022

Evernote Fake Document Credential Phishing Attack

Initial Email Content

Subject
[Compromised Third Party Company Name]
Body

[Compromised Third Party Employee Name] sent you a document to review and sign.


REVIEW DOCUMENT


Thank you,


[Compromised Third Party Employee Name]

[Compromised Third Party Company Name]

[Compromised Third Party Company Contact Information]

Attack Screenshots

No items found.
No items found.

Malicious Artifacts

Additional Indicators of Compromise

Type

Description

No items found.

Attack Description

This link-based attack impersonates Evernote and an external third party using a content obfuscation via image, an external compromised account, and a fake document theme to steal credentials.

Analysis Overview

Type
Credential Phishing
Tactic
Content Obfuscation via Image
External Compromised Account
Goal
Credential Theft
Impersonated Party
External Party - Other
Vector
Link-based
Theme
Fake Document
Language