Kaspersky has uncovered a new phishing scheme that abuses legitimate Google Tasks notifications to trick corporate users into revealing their company login credentials. By leveraging Google's trusted @google.com email domain and notification system, attackers bypass traditional email security filters and exploit users' trust in familiar services.

In this campaign, victims receive an authentic-looking Google Tasks notification with the subject line “You have a new task.” The message creates the illusion that the recipient's company has adopted Google's task management tool, pressuring them to act quickly. The notification often includes elements of urgency, such as a high-priority flag and a tight deadline, to prompt the victim’s immediate response.

Upon clicking the embedded link, users are directed to a fraudulent form disguised as an ‘employee verification’ page, where they are asked to enter their corporate credentials under the pretence of confirming their status. These stolen credentials can then be used to gain unauthorised access to company systems, steal data, or launch further attacks.

“Google’s vast ecosystem of services gets exploited by scammers. The scheme with Google Tasks is part of a broader trend observed before and continuing into 2026, in which cybercriminals misuse legitimate platforms to distribute scams and phishing messages. Notifications originating from legitimate domains naturally evade many spam and phishing filters, while the social engineering aspect – making it seem like an internal company process – lowers the victim’s guard,” comments Roman Dedenok, anti-spam expert at Kaspersky.
For more information contact Kaspersky SA,