AlwaysTired 0 Posted January 1, 2022 Share Posted January 1, 2022 Hello there, I was pretty shocked to find the following request in my e-mail inbox today. Someone specifically (and only) requested access to one of the few very sensitive and encrypted notes within my 26,000 Evernote notes and did not do so by e.g. using an Evernote e-mail address, but their private GMail account. Why do I mention an "Evernote e-mail address" in this context? Because I recently (re)opened a ticket with support about (another) encrypted note and I don't know how else anybody would be able to gain access to my EN database, to even ask for this permission? Worryingly, all Evernote support agents are supposed to be on a holiday break until 3rd of January 2022 ? So what should I make of this odd request (that I cannot even deny / cancel !!) ? Can I report or block the e-mail address somewhere? Link to comment
Level 5 PinkElephant 8,109 Posted January 1, 2022 Level 5 Share Posted January 1, 2022 Go to your account settings, and check your access history. If you notice something out of the regular, follow this advise: https://help.evernote.com/hc/en-us/articles/115004395487 Link to comment
Level 5* gazumped 11,664 Posted January 1, 2022 Level 5* Share Posted January 1, 2022 Definitely report this to Support - they'll be back working in a couple of days, but with a backlog of holiday requests to work through... It looks like the Evernote system is working correctly - someone attempting access to a note via it's 'share' link would get a link to the effect of "you're not authorised to see this note - ask the author for permission" with a disguised link to your email address. The attempted access might have been intended for another URL, but occurred through a misquoted or mistyped address. Check the details of that note to make sure the share link is not active. Link to comment
Level 5* DTLow 5,736 Posted January 1, 2022 Level 5* Share Posted January 1, 2022 1 hour ago, AlwaysTired said: Someone specifically (and only) requested access to one of the few very sensitive and encrypted notes within my 26,000 Evernote notes It's happened to me in the forums I provided a copy of a note that contained a link to one of my notes Users clicked on the link, triggering the access request Link to comment
Evernote Expert agsteele 2,948 Posted January 1, 2022 Evernote Expert Share Posted January 1, 2022 I can understand your concern. I would be equally concerned. It is quite possible for a scammer to attempt access to random notes by generating random note IDs. Good thing that the EN system has caught this and referred it to you. @DTLow has suggested another way this could have happened. Check that sharing is disabled for this note. Definitely report this. Ensure your take the normal security checks for your account. Link to comment
Level 5* gazumped 11,664 Posted January 1, 2022 Level 5* Share Posted January 1, 2022 2 hours ago, DTLow said: I provided a copy of a note that contained a link to one of my notes Which prompts a lightbulb moment - we occasionally get requests to provide limited access to a shared page - it hadn't occurred to me before that if you send out a publicly shared note (or a link to a public share) which basically says: please request access to <this information> by clicking the link, you could then allow individual users access - or not - by email address; and you'd know who has actually accessed that link. (Sorry for the brief side line there) Link to comment
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now