MarcelCo 2 Posted December 30, 2022 Share Posted December 30, 2022 Because I had to reinstall Evernote on my PC again (issue with reupdateing 10.50 over 10.48) I ran into a website that looks exactly like the real Evernote Website, but is FAKE! The download went well and Norton saw no virus, but I think the Fake Website is phishing for User-ID's and Passwords! When I lookup this URL on Whois.com it wasn't linked to the Evernote Organisation. Please, can the Team of Evernote take action to prevent ID and Password phishing! Link to comment
Evernote Expert agsteele 3,060 Posted December 30, 2022 Evernote Expert Share Posted December 30, 2022 Thank you for the heads-up. We're largely other users in these forums so appreciate your warning but I won't be testing the URL you provided. I cannot be sure what other payload the website might carry. I'd advise nobody follows the link you provided. If you want Evernote staff to be aware of this then you should open a support ticket (as a guest if you are a Free plan user). 1 Link to comment
Level 5 PinkElephant 8,829 Posted December 30, 2022 Level 5 Share Posted December 30, 2022 Tried the URL from the iPhone. It won’t load, but doesn’t give an error code neither. From the URL it is so far from the legit site that I doubt it is a danger with the current URL. 1 Link to comment
MarcelCo 2 Posted December 30, 2022 Author Share Posted December 30, 2022 2 hours ago, agsteele said: Thank you for the heads-up. We're largely other users in these forums so appreciate your warning but I won't be testing the URL you provided. I cannot be sure what other payload the website might carry. I'd advise nobody follows the link you provided. If you want Evernote staff to be aware of this then you should open a support ticket (as a guest if you are a Free plan user). You are welcome, agsteele. If we see a fake website copying our website at the company I work for we take immediate action no matter how the information comes to us. Phising identities and passwords should be a major concern to EN staff and act on it, whitout me having to make a ticket. Link to comment
MarcelCo 2 Posted December 30, 2022 Author Share Posted December 30, 2022 2 hours ago, PinkElephant said: Tried the URL from the iPhone. It won’t load, but doesn’t give an error code neither. From the URL it is so far from the legit site that I doubt it is a danger with the current URL. I agree, the URL is far from the real thing. And yet, although I am always very cautious with links and sites felt for it. The fake site looks very alike and even delivers the right download (I have checked and compared with the download from the real site). But to anyone: be sure not to login into the fake one. Link to comment
Boot17 1,539 Posted December 30, 2022 Share Posted December 30, 2022 6 hours ago, MarcelCo said: I ran into a website that looks exactly like the real Evernote Website, but is FAKE! How exactly did you come across that website? Even if I type 'evetrrote' into a google search I get this: Then, if I click the 'evetrrote' on the "Search instead for evetrrote", I get this thread as the only search result: @MarcelCo -- this thread is your only participation in this forum. What kind of game are you playing? Link to comment
MarcelCo 2 Posted December 30, 2022 Author Share Posted December 30, 2022 26 minutes ago, Boot17 said: How exactly did you come across that website? Even if I type 'evetrrote' into a google search I get this: Then, if I click the 'evetrrote' on the "Search instead for evetrrote", I get this thread as the only search result: @MarcelCo -- this thread is your only participation in this forum. What kind of game are you playing? I searched in Google Search for: evernote download windows 11 The fake website came on as first in the list. I did not paid enough attention at the URL. When I searched a few minutes ago, the fake website did not showed up again in the search list. Link to comment
Boot17 1,539 Posted December 30, 2022 Share Posted December 30, 2022 18 minutes ago, MarcelCo said: I searched in Google Search for: evernote download windows 11 The fake website came on as first in the list. I did not paid enough attention at the URL. I'd bet that 99% chance that you have some malware browser extension or something similar. 1 Link to comment
Level 5 PinkElephant 8,829 Posted December 30, 2022 Level 5 Share Posted December 30, 2022 Could be, but what makes me think is that this site gives no response, but no error message either. OK, I tried with safe and hardened browsers. So maybe they detect this, and to cloak what they try to do they play "belly up". Link to comment
Boot17 1,539 Posted December 30, 2022 Share Posted December 30, 2022 No doubt the site could exist, but it can't be found by a "real" google search. Based on evidence so far, I'm guessing the way it was seen was by a bad actor injecting something into the search result on OP's computer -- client side. Or perhaps the search result is also location-based (and based on other meta-data that Google has on us) and I'm not in the same location as OP... But now even searching for 'evetrrote' in Firefox in a Private session in DuckDuckGo doesn't bring up that URL, so... I'm still going to go with malware on OP's device... Link to comment
Level 5 Solution PinkElephant 8,829 Posted December 30, 2022 Level 5 Solution Share Posted December 30, 2022 Or as speculative: Google identified it as malicious, erased it from search and blocks it when called. As one of the major DNS-resolvers they can practically lay dry every website, by redirecting the DNS-requests. But usually there would be an error message then. Mysterious … Link to comment
Evernote Expert agsteele 3,060 Posted December 30, 2022 Evernote Expert Share Posted December 30, 2022 5 hours ago, MarcelCo said: Phising identities and passwords should be a major concern to EN staff and act on it, whitout me having to make a ticket Yes, for sure. But you aren't reporting to Evernote in these forums. You are sharing with fellow users so only a small chance that Evernote will hear/see your report. Link to comment
MarcelCo 2 Posted January 15, 2023 Author Share Posted January 15, 2023 On 12/30/2022 at 7:58 PM, PinkElephant said: Or as speculative: Google identified it as malicious, erased it from search and blocks it when called. As one of the major DNS-resolvers they can practically lay dry every website, by redirecting the DNS-requests. But usually there would be an error message then. Mysterious … With all the assumptions here I think PinkElephant had a good suggestion (Google erased it from the search). As already said I didn't find the malicious URL anymore. Would it have been any malicious thing on my side I still would see the malicious URL. And I am not. 1 Link to comment
MarcelCo 2 Posted January 15, 2023 Author Share Posted January 15, 2023 On 12/30/2022 at 8:42 PM, agsteele said: Yes, for sure. But you aren't reporting to Evernote in these forums. You are sharing with fellow users so only a small chance that Evernote will hear/see your report. I understand your point. But then again if it is the case no EN staff bothers to have a peek here on the forum why is there a 'feature reguest' category on the forum? Link to comment
Level 5 PinkElephant 8,829 Posted January 15, 2023 Level 5 Share Posted January 15, 2023 They may take a look from time to time - who knows. But they don't monitor the forum for "action posts", that's pretty much for sure. Not for bugs, not for devs using the API and not for weird websites. Link to comment
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now