Authorities warn about a new phishing campaign utilising the popular notepad website, Evernote, to be a fake website that will hold a downloadable trojan file to hack into systems and collect victims’ credentials. This latest campaign was found to target the healthcare sector.
As observed from the campaign, the victims are sent an email message, allegedly about a ‘security alert’ that asks them to click on a link attached to the message’s body. Once clicked, the victim will be redirected to a fake Evernote website that displays a file the victim is instructed to download.
However, the file contains a harmful trojan that, if installed on a computer, will trigger a function to damage files, disrupt computer operations, steal data, or inflict more harm to the victims’ networks.
Studies reveal that several healthcare institutions worldwide use Evernote for daily operations.
According to a security researcher, the note-taking and file-sharing web application Evernote is a popular platform used by many healthcare establishments worldwide in administering their daily operations, including taking down healthcare and meeting notes, sharing files, scheduling, and more. Furthermore, workers in the healthcare industry had to sync their data on several devices, which the Evernote app is capable of.
Despite the platform’s valuableness to the sector, security experts worry that it could also pose risks of cybercriminal attacks, including the Evernote-themed phishing scheme. The experts added that since the app could be installed on computers and mobile devices, it could allow hackers to intrude cross-devices.
Evernote’s security team has yet to respond to the issue, but the researchers underline the platform’s need to improve its security measures, including stronger data encryption and devices’ firewall.
Since the healthcare sector is the target in question for this incident, security researchers, alongside federal authorities, have advised them with several security steps to ensure safety from potential threats.
The advice includes updating their operating systems and software apps, enhancing email accounts’ passwords, regularly backing-up important files, and training all users about vital cybersecurity practices, such as avoiding clicking on suspicious links from unknown senders.