Mar 2, 2013

So it seems Evernote got hacked and issued password resets for all their users. I wasn't aware of this fact when I received their email:

I was almost certain this was a phishing attempt. The URL destinations were on links.evernote.mkt5371.com, which at a first glance looks like Evernote's URL until you realize a throwaway domain was involved. I laughed it off and continued to read my email until I realized the email's read a little too well to be a phishing attempt. Sure enough, it was real.

When sending account-specific emails to your customers, always always disable click tracking unless you're somehow doing it through your own domain.

Previous articles

Mar 2, 2013

So it seems Evernote got hacked and issued password resets for all their users. I wasn't aware of this fact when I received their email:

I was almost certain this was a phishing attempt. The URL destinations were on links.evernote.mkt5371.com, which at a first glance looks like Evernote's URL until you realize a throwaway domain was involved. I laughed it off and continued to read my email until I realized the email's read a little too well to be a phishing attempt. Sure enough, it was real.

When sending account-specific emails to your customers, always always disable click tracking unless you're somehow doing it through your own domain.

More articles