Beware this malware: It “annoys” you into handing over login details

How cautious are you and your team with online security? You know about phishing scams, dodgy downloads, and not clicking suspicious links, right?

But an even sneakier new malware (that’s malicious software) wants to frustrate you into giving up your Google login details.

The malware doesn’t have a catchy name yet, but it’s part of a larger threat known as “Amadey”, and it’s been on the rise since August.

It forces your PC into something called “kiosk mode” (a setting often used on public computers that only lets you access one window). This allows it to lock your browser in full screen mode, hiding all your usual navigation buttons like the address bar and menus. Then you get sent to a fake Google password reset page.

Normally, you’d just hit the Esc or F11 keys to get out of full screen mode, right? Well, not this time. It won’t work if the malware has infected your PC. It wants to confuse you into thinking you must enter your password to solve the problem.

The password reset page will look like a real Google page. But the second you type in your details, they’ll be stolen by a second piece of malware hiding in the background, falling right into the hands of cyber criminals.

Pretty scary stuff.

But here’s the good news: You can break free without giving up your details.

If your browser gets stuck in full screen mode, try hitting ALT+TAB to switch tasks, or ALT+F4 to force the window to close. Otherwise, try closing it through your task manager (CTRL+ALT+DELETE).

If all else fails, just restart your PC by holding down the power button or unplugging it, then get an expert (like us) to look at the malware.

Prevention is always the best approach, though. Be wary if your computer starts behaving strangely, especially if your browser suddenly goes into full screen mode and won’t let you navigate away.

Avoid clicking on suspicious links or downloading attachments you aren’t sure about. And as tempting as it might be to get past an annoying screen, never enter your password unless you’re 100% sure the website is legit.

If you’d like us to teach your team how to avoid the latest scams, we can help. Get in touch.

Recent posts

Another good reason to enforce MFA

Another good reason to enforce MFA

What would happen if someone got hold of one of your employees’ passwords from years ago? Not a password they’re using today. Not one they even remember. Just an old one that never got changed. Because that’s exactly how a recent, large-scale data-theft campaign...

read more
Important: Protect your business from digital fraud

Important: Protect your business from digital fraud

Scams aren’t what they used to be.  They’re not always obvious, they’re not always clumsy, and they don’t always come with spelling mistakes or odd graphics.  Today’s digital fraud is faster, smarter, and often created with the help of AI. Which means it’s...

read more
Prepare your business for more refined cyberthreats

Prepare your business for more refined cyberthreats

Cyber criminals aren’t simply causing chaos anymore.  They’re getting smarter, more organised, and much better at finding weak spots in businesses of every size.  And while that sounds worrying, understanding what’s happening is the first step to protecting...

read more