Ever Had Your Screen Go Rogue?
You’re in the middle of your workday, juggling tasks, switching tabs, when suddenly, your computer screen goes rogue. It’s locked in full screen mode, and no matter what you press, it refuses to budge. You’re hitting Esc, F11, maybe even hammering the mouse buttons in frustration. But nothing works, and you’re stuck staring at one page with no way out.
At first, you might think it’s just your PC having a tantrum. Sometimes technology seems to have a mind of its own!
But there’s a sneaky new malware on the rise that’s hoping you’ll believe just that. It’s a clever bit of malicious software that’s banking on you getting frustrated and confused enough to give up some valuable information – your Google login details, to be precise.
The Malware with a Devious Goal
This malware isn’t content to just sit back and hope you click a dodgy link. Instead, it’s designed to actively trap you in full screen mode, removing all the usual ways you’d escape. You’re left feeling a bit stuck and vulnerable, with the browser taking over your screen. Then, when it has you cornered, it pulls out its big trick: a fake Google password reset page that looks just like the real thing.
The idea is simple but effective. By locking your screen and removing your usual navigation tools, the malware is creating the perfect set-up for you to believe you’re genuinely being asked to reset your password.
So, What’s Actually Happening?
This particular scam is part of a larger malware campaign known as “Amadey.” Normally, malware does its work quietly, lurking in the background without you noticing. But Amadey’s tactics are a bit more direct – and honestly, a lot more annoying. Once it infects your computer, it takes over by putting your system into something called “kiosk mode.”
For those unfamiliar, kiosk mode is a setting often used on public computers, like those in libraries or cafes. It’s designed to limit what a user can do, usually locking the screen to a single window in full screen, without the ability to access the desktop or open other programs. In a public setting, it’s meant to be helpful. But when Amadey malware uses kiosk mode, it’s anything but.
In this case, the malware uses kiosk mode to keep you from doing anything that might get you out of its grip. You’re locked into a full-screen window, with no address bar, no back button, and no way to exit. All you see is one screen, and it’s not going anywhere.
The Fake Google Page
This is where things get really crafty. Once Amadey has you trapped in kiosk mode, it displays a fake Google password reset page. The page looks almost identical to the real thing – Google logo, familiar colours, the whole lot. To most people, it seems like a genuine prompt from Google, maybe even a security measure due to suspicious activity on your account.
Naturally, the first thing you try is hitting Esc or F11, hoping to exit full screen mode. But this malware isn’t playing fair. Those escape keys don’t work. You try a few more times, maybe feeling a bit more frustrated and a lot more anxious. And the page is cleverly designed to keep you focused on that frustration by telling you to enter your Google password to “resolve the issue.”
It’s a perfectly set trap. At this point, most people feel like they’ve got no other option but to follow the instructions and enter their password. But that’s exactly what the scammers are banking on. The second you type in your details; they’re whisked away to the cyber criminals behind the scam. They’ve got your login, and now they’ve got access to everything linked to that Google account.
So, what can you do if you find yourself in this situation? We’ll cover the escape plan in the next section. Spoiler alert: it doesn’t involve entering your password!
How to Escape the Trap
So, you’re stuck, and it feels like there’s no way out. But don’t worry – there are a few tricks you can try before giving up and entering your details.
- Switch Tasks: Try using ALT+TAB. This key combination lets you cycle between open programs, so it might help you escape the full-screen trap if you can switch to another window.
- Force-Close the Window: If ALT+TAB doesn’t work, go for ALT+F4. This shortcut closes the current window or application, which might be enough to kick you out of kiosk mode.
- Use Task Manager: Still no luck? Time for CTRL+ALT+DELETE. This brings up the Task Manager, where you can manually end the process that’s keeping you stuck in full screen. Look for your web browser in the list, select it, and hit “End Task.” This should force-close the browser.
- The Last Resort: If all else fails, do a hard reset by holding down the power button until the computer shuts down. Or if you’re really desperate, unplug it from the mains (just don’t make a habit of it!). While this isn’t ideal, it’s better than giving away your credentials to a scammer.
Stay One Step Ahead
As with most things in life, prevention is the best cure. The best way to deal with these scams is to avoid them altogether. Here’s how:
- Trust Your Instincts: If your browser suddenly goes full screen without you telling it to, that’s a red flag. Always be cautious if your computer is acting out of character.
- Think Before You Click: Avoid opening suspicious links or attachments. A lot of malware sneaks in through dodgy email links or questionable downloads.
- Verify Before You Enter Your Password: If a page is asking for your password, especially unexpectedly, double-check that you’re on the legitimate site. Look for the HTTPS lock in the address bar and be wary if something feels off. A genuine password reset request usually happens because you initiated it, not because a website demanded it out of the blue.
Need a Hand?
Book a 15 minute call with Nick: