Skip to main content

Kaspersky Uncovers Google Tasks Phishing To Steal Credentials



Editor’s note: The following briefing outlines a new phishing campaign uncovered by Kaspersky that hijacks legitimate Google Tasks notifications to steal corporate credentials. The attackers impersonate trusted services, leveraging the @google.com domain and intra-company cues to evade standard filters and pressure users into acting quickly. Victims are invited to click a link and complete a fraudulent employee verification form, exposing sensitive credentials that could grant unauthorized access. This advisory highlights the evolving tactics criminals use to exploit familiar tools and the importance of vigilance in enterprise environments.

Key points



  • Attackers abuse legitimate Google Tasks notifications to steal corporate credentials.

  • The campaign uses the trusted @google.com domain to bypass filters and build trust.

  • Users are directed to a fraudulent employee verification form after clicking a link.

  • The social engineering hinges on urgency and internal process appearance to lower defenses.


Why this matters


By exploiting familiar services, the campaign exploits trust in everyday tools, increasing the likelihood that employees reveal credentials. This approach bypasses many security filters and highlights the need for awareness and layered defenses in organizations. The incident underscores why training, MFA, and robust verification processes are critical as attackers continue to adapt to legitimate platforms.

What to watch next



  • Look for more phishing attempts that imitate enterprise tools via trusted notification channels.

  • Watch for fraudulent forms asking for corporate credentials and verify URLs before interacting.

  • Ensure MFA and mail-server security measures are in place to protect accounts.

  • Report suspicious activity to IT and update security policies as needed.


Disclosure: The content below is a press release provided by the company/PR representative. It is published for informational purposes.

Kaspersky discovers new phishing campaign exploiting Google Tasks notifications to steal corporate credentials


February 26, 2026

Kaspersky has uncovered a new phishing scheme that abuses legitimate Google Tasks notifications to trick corporate users into revealing corporate login credentials. By leveraging Google's trusted @google.com email domain and notification system, attackers bypass traditional email security filters and exploit users' trust in familiar services.

In this campaign, victims receive an authentic-looking notification from Google Tasks with the subject line “You have a new task.” The message creates the illusion that the recipient's company has adopted Google's task management tool, pressuring them to act quickly. The notification often includes elements of urgency, such as a high-priority flag and a tight deadline, to prompt the victim’s immediate response.

Upon clicking the embedded link, users are directed to a fraudulent form disguised as an “employee verification” page, where they are asked to enter their corporate credentials under the pretense of confirming their status. These stolen credentials can then be used for unauthorized access to company systems, data theft, or further attacks.

“Google’s vast ecosystem of services gets exploited by scammers. The scheme with Google Tasks is part of a broader trend observed before and continuing into 2026, where cybercriminals misuse legitimate platforms to distribute scams and phishing. Notifications originating from legitimate domains naturally evade many spam and phishing filters, while the social engineering aspect – making it seem like an internal company process – lowers the victim’s guard,” comments Roman Dedenok, Anti-Spam Expert at Kaspersky.

Read the article about this tactic on Kaspersky’s blog.

To counter this and similar threats, Kaspersky recommends:

  • Treat unsolicited invitations from any platform with suspicion, even if they appear to come from trusted sources

  • Carefully inspect URLs before clicking

  • Do not call any phone numbers indicated in suspicious emails – if you need to call support of a certain service, it is best to find the phone number on the official webpage of this service

  • Report suspicious emails to the platform provider and use multi-factor authentication for all accounts

  • For corporate users, Kaspersky Security for Mail Server with its multi-layered defense mechanisms powered by machine learning algorithms provides robust protection against a wide range of evolving threats and offers peace of mind to businesses in the face of evolving cyber risks

  • For individual users Kaspersky Premium offers AI-powered anti phishing features designed to help avoid phishing attacks and improve overall cybersecurity


About Kaspersky


Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect individuals, businesses, critical infrastructure and governments around the globe. The company’s comprehensive security portfolio includes leading digital life protection for personal devices, specialized security products and services for companies, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help millions of individuals and nearly 200,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

https://www.cryptobreaking.com/kaspersky-uncovers-google-tasks-phishing/?utm_source=blogger%20&utm_medium=social_auto&utm_campaign=Kaspersky%20Uncovers%20Google%20Tasks%20Phishing%20To%20Steal%20Credentials%20
Labels:

Comments

Post a Comment

Popular posts from this blog

Coinbase's x402 launches AI agents app store for payments

Coinbase-backed x402 has unveiled Agentic.market, a dedicated marketplace aimed at increasing the usefulness of AI agents by aggregating thousands of apps and services that agents can access without any API keys. The rollout positions the platform as a central hub for agents to discover, evaluate, and deploy capabilities across a standardized payments layer. Coinbase product lead Nick Prince described Agentic.market in a video posted on X as a storefront for discovering, comparing, and using x402 services. The marketplace is designed to give both humans and their AI agents access to a wide range of tools—from data feeds to consumer apps—without the friction of managing API credentials. A storefront for discovering, comparing, and using x402 services. Thousands of services. Zero API keys. Powered by x402. Prince added that the market offers a web interface for humans to browse and assess services, alongside a programming layer that lets AI agents autonomously search, filter, and integra...
Post a Comment
Read more

Top Cryptocurrencies to Watch: BTC, ETH, BNB, XRP, Solana, Dogecoin & More

Market Analysis and Price Predictions for Key Cryptocurrencies Recent market dynamics reveal a cautious sentiment across the cryptocurrency landscape, with Bitcoin struggling to maintain levels above $90,000 and many major altcoins facing downward pressure. Indicators point toward reduced participation from both institutional and retail investors, raising concerns about a potential consolidation phase after notable gains earlier in the year. Bitcoin has fallen below $87,000, reflecting waning demand at higher price points. Institutional fund flows into BTC and ETH ETFs have turned negative, indicating a period of subdued market activity. Active addresses and Binance deposit/withdrawal activities are at annual lows, suggesting market indecision. Most leading altcoins are approaching support levels, with some poised for potential breakdowns. Tickers mentioned: Bitcoin, Ethereum, Binance Coin, XRP, Solana, Dogecoin, Cardano, Bitcoin Cash, Chainlink, Hyperliquid Sentiment: Neutral to Sli...
Post a Comment
Read more

Analyst: Bitcoin can reclaim $100K without a new narrative

Bitcoin has stalled below the $100,000 threshold, marking a run of almost five months without a breakout above that level. As of the latest market close, BTC hovered around $78,250 after a February nadir of about $60,000, underscoring a slow, grinding recovery amid broader market dynamics. In parallel, tech markets—especially AI-focused equities—have captured the spotlight, with investors rotating capital away from crypto in search of different risk-reward profiles. Nvidia (NVDA), the leading AI stock by market cap, has gained about 5.08% since the start of the year, while Bitcoin has faced a roughly 10% dip over the same period, illustrating a diverging performance within risk assets. MN Trading Capital founder Michael van de Poppe suggested that Bitcoin may not require a fresh narrative to push back above $100,000. In a post on X, he asked what narrative would drive BTC to the milestone and concluded that “price moves upwards, and the narrative will create itself.” He continued that ...
Post a Comment
Read more