Sent from firstname.lastname@example.org and titled "Image has been sent", the email pretends to be a notification from Evernote that alerts the user to an image he or she needs to check out, and which is apparently hosted on Evernote.
Unfortunately, that's not true. It leads the user to a malicious site that is believed to host the Angler exploit kit and which, upon a successful vulnerability exploitation, saddles him or her with malware.
Dynamoo’s Blog's Conrad Longmore believes that the spam campaign in question has been mounted by the so-called RU:8080 gang, which has a history of similar spam runs impersonating legitimate Internet services such as Pinterest, Dropbox, etc.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.