Slaven

So it seems Evernote got hacked and issued password resets for all their users. I wasn't aware of this fact when I received their email:

I was almost certain this was a phishing attempt. The URL destinations were on links.evernote.mkt5371.com, which at a first glance looks like Evernote's URL until you realize a throwaway domain was involved. I laughed it off and continued to read my email until I realized the email's read a little too well to be a phishing attempt. Sure enough, it was real.

When sending account-specific emails to your customers, always always disable click tracking unless you're somehow doing it through your own domain.