External Compromised Account
Fake Attachment
External Compromised Account
Fake Payment Receipt
Fake Payment Receipt
Back to All Attacks
Attack Details
Attack Date:
May 4, 2022

Evernote Fake Payment Receipt Credential Phishing Attack

Initial Email Content

Subject
View Attached Payment
Body

Check#6253

Dear, Team

View attached Statements

Best regards,

[Impersonated Name]

[Impersonated Title]

[Impersonated Company Name]

[Impersonated Phone Numbers]


The information contained in this transmission may contain privileged and confidential information, including patient information protected by federal and state privacy laws. It is intended only for the use of the person(s) named above. If you are not the intended recipient, you are hereby notified that any review, dissemination, distribution, or duplication of this communication is strictly prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message.

Attack Screenshots

No items found.
No items found.

Malicious Artifacts

Additional Indicators of Compromise

Type

Description

No items found.

Attack Description

This link-based attack impersonates Evernote and an external third party using a fake attachment, compromised external account, and a fake payment receipt theme to steal credentials.

Analysis Overview

Type
Credential Phishing
Tactic
External Compromised Account
Fake Attachment
Goal
Credential Theft
Impersonated Party
External Party - Other
Vector
Link-based
Theme
Fake Payment Receipt
Language