How cautious are you and your team with online security? Most of us know to avoid phishing scams, suspicious downloads, and sketchy links. But a sneaky new malware variant wants to trick you into handing over your Google login details—and it’s not as obvious as a typical scam.
This malware doesn’t have a catchy name yet, but it’s part of a larger malicious threat known as “Amadey,” which has been on the rise since August. Here’s what it does, why it’s so effective, and how you can protect yourself and your team.
The Amadey malware forces your PC into a setting called “kiosk mode.” Often used on public computers, kiosk mode restricts users to a single window, locking your browser in full-screen mode. This hides all navigation buttons, the address bar, and menus—essentially trapping you in one place.
Once in this mode, you’ll be directed to a fake Google password reset page. Normally, hitting Esc or F11 exits full-screen mode, but this malware blocks those functions. The goal is to frustrate and trick you into thinking the only solution is to enter your password. Unfortunately, the moment you do, another piece of malware lurking in the background steals your login information.
If you ever find yourself stuck in full-screen mode with no escape, don’t panic. Here are a few ways to break free:
If all else fails, a quick PC restart by holding down the power button can break the lock, after which you’ll want to reach out to a security expert (like us!) to inspect your device.
Amadey malware and its kiosk mode trick rely on catching users off guard. Here’s how to stay safe:
With online scams becoming more sophisticated, educating your team on the latest threats is essential. If you’d like us to train your team to spot red flags and avoid falling for scams, get in touch with us. We’re here to help.