Alert on Task Scam: New wave of fraud exploits Google Tasks notifications to steal corporate credentials

A sophisticated new phishing campaign has recently been identified that exploits Google Tasks, a widely trusted tool in corporations. In this task scam, cybercriminals hijack legitimate notifications from the platform to deceive employees into revealing their access credentials, which threatens internal company systems. Kaspersky, a global leader in cybersecurity, discovered the fraud, which abuses the official domain @google.com to bypass traditional security filters.

How the Task Scam Works: Exploiting Trust in Legitimate Tools

The task scam follows a clear and calculated structure. Attackers send notifications that appear to originate from Google Tasks, with the subject line “You have a new task.” The content is deceptively realistic and suggests that the victim’s organization has adopted Google’s task management system as an official corporate tool.

To increase the sense of urgency, criminals include high-priority markers and tight deadlines in the notifications, applying psychological pressure that reduces the employee’s critical thinking. When the user clicks the link in this fraudulent message, they are directed to a fake page disguised as an “employee verification” form.

This fake form asks the user to fill in their corporate login details under the pretext of confirming their status within the company. Once captured, these credentials become an entry point for unauthorized access to servers, theft of sensitive data, and potential chained attacks against the corporate infrastructure.

Social Engineering in the Era of the Task Scam: Why Employees Fall for the Traps

The success of the task scam relies on its clever use of social engineering. Unlike common phishing, this scam leverages users’ absolute familiarity with the Google ecosystem. Since many employees already use Gmail, Google Drive, and other tools from the tech giant, the natural impulse is to trust notifications arriving from the @google.com domain.

Kaspersky notes that because these notifications originate from legitimate domains, they naturally bypass many spam filters and conventional phishing detection systems. The attacker enhances this tactic by inserting elements that seem to belong to internal company processes—specific corporate language, familiar formats, even references to internal policies—greatly reducing the victim’s suspicion.

Roman Dedenok, Kaspersky’s anti-spam expert, comments: “The social engineering behind the task scam exploits the speed of modern corporations and trust in established cloud services. Making it look like an internal company process is particularly effective because it suppresses employees’ critical thinking at that moment.”

Protecting Against the Task Scam: Essential Corporate Security Strategies

In the face of this evolving threat, organizations should implement multiple layers of defense. First, any unsolicited invitation or notification should be treated with extreme suspicion, regardless of its seemingly legitimate origin. Employees must carefully verify URLs before clicking, avoiding redirects to fraudulent pages.
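The URL check described above can also be applied at the mail gateway. The Python below is an added example, not code from Kaspersky or the original article: for a notification sent from @google.com with the subject line quoted earlier, it lists every link whose host falls outside an allowlist. The allowlist, the sample message and the function names are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Assumption: link hosts this organisation accepts in Google Tasks notifications.
ALLOWED_SUFFIXES = ("google.com",)
SUBJECT_MARKER = "you have a new task"  # subject line quoted in the article
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)

# Constructed sample; the sender address and link hosts are illustrative.
SAMPLE = """\
From: Google Tasks <sender@google.com>
To: employee@corp.example
Subject: You have a new task
Content-Type: text/plain; charset=utf-8

Priority: HIGH. Due today.
Employee verification: https://google.com.verify-staff.example/form
Open in Tasks: https://tasks.google.com/
"""

def host_allowed(host):
    """True only for an allowed domain or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in ALLOWED_SUFFIXES)

def suspicious_links(raw):
    """Return off-allowlist URLs in a Tasks-style notification from google.com."""
    msg = message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1].lower()
    if not sender.endswith("@google.com"):
        return []
    if SUBJECT_MARKER not in msg.get("Subject", "").lower():
        return []
    text = ""
    for part in msg.walk():  # covers single-part and multipart bodies
        if part.get_content_maintype() == "text":
            charset = part.get_content_charset() or "utf-8"
            text += part.get_payload(decode=True).decode(charset, "replace")
    return [u for u in URL_RE.findall(text)
            if not host_allowed(urlsplit(u).hostname)]

if __name__ == "__main__":
    for url in suspicious_links(SAMPLE):
        print("off-allowlist link:", url)
```

The suffix comparison requires a leading dot, so a lookalike host that merely starts with `google.com.` or ends in `notgoogle.com` is still reported.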

An important practice is never to call phone numbers provided in suspicious emails; if contact is necessary, the best approach is to look up the official number listed on the company’s website. Any suspicious activity should be reported immediately to the IT department and the platform provider.

At the corporate level, multi-factor authentication (MFA) on all accounts provides a valuable shield, making it significantly harder for criminals to exploit captured credentials. Security policies should be regularly updated to reflect these new tactics.

Specialized Solutions Against the Task Scam

To protect corporate users, Kaspersky offers solutions such as Kaspersky Security for Mail Server, which implements multi-layer defense mechanisms powered by machine learning algorithms. These systems can detect suspicious behavior patterns and phishing attempts even when attacks bypass traditional filters.

For individual users, Kaspersky Premium provides AI-based anti-phishing features designed specifically to help prevent attacks like the task scam and to strengthen overall cybersecurity.

The broader context reveals that criminals continue to exploit legitimate platforms as vehicles for fraud. The task scam is just one example of a trend that will intensify in 2026, where cybercriminals recycle and adapt their tactics to abuse the trusted ecosystems billions of people use daily.
