i30 Owners Club

A Clever Scam. Watch Out.

AlanHo · 12 · 1792


Offline AlanHo

  • Global Moderator
  • *
  • Geriatric Teenager
    • Posts: 21,468

    • england England
      Solihull, UK

  • 2021 KIA Niro 3 1.6 Petrol Hybrid
We are going to Devon for 7 days commencing Sep 18th and I was browsing the internet this morning looking for gardens to visit.

I found Burrow Farm Gardens on Trip Advisor and tried to open the Burrow Farm Gardens website. It was intercepted by a message claiming to be from Google that I qualified to enter their competition to win the latest Samsung phone. There was no way to get rid of it and it was clearly a scam.

I have a spare Win 7 Laptop I use for experiments which I regularly restore with an Acronis Back-Up to keep it clean of infections. I fired it up and out of curiosity tried to access the Burrow Farm Gardens website - this time I was intercepted by a message thanking me for wanting to visit their website and offering me the opportunity to win a Samsung S10 phone. I clicked to enter the competition and was presented with a picture of about 20 gift boxes wrapped in ribbon and told to click on one to see if I was the winner. I did – but I lost and they kindly gave me a second chance. I did and lost again, but was offered a third and final chance – this time I won the free phone for today and a window opened asking me to type in my name, delivery address, Email and phone number. I didn’t of course, but the site looked very professional.

I closed my browser and tried again – this time the free phone was an offer from Samsung who were looking for reviews on their latest phone. The phone was a gift in return for trying it out for a month and reporting back to them.  I followed the same procedure and got exactly the same result.

I used Google to find the Burrows phone number and phoned them.

They confirmed what I already knew – their internet hosting site was hacked yesterday and numerous websites had been hacked. He promised to phone me to let me know when they were up and running.

This is the first time that I have come across this scam – I must admit it was a very polished presentation and it would be so easy for someone even more gullible than me to fall for it.

My spare laptop is now chugging away in the background being restored to normality - just in case.
  • 2021 KIA Niro3 1.6 petrol Hybrid


Offline Shambles

  • Admin
  • *
  • Retyred @ Last
    • Posts: 43,333

    • england England
      Manchester, UK
    • i30 Owners Club
They're getting cleverer and cleverer.

But don't forget that Win10 comes with a Sandbox which you can use to test these things - it loads up a virtual machine with a complete Windows 10 image in which you can, well, play. When closed down, all within the box is lost.

You may need to enable virtualisation in your BIOS before you try it though, and you need to enable the feature in Windows via the control panel.



  • Ioniq MY2018 SE Premium Hybrid in Polar White with added oomph


Offline Shambles

  • Admin
  • *
  • Retyred @ Last
    • Posts: 43,333

    • england England
      Manchester, UK
    • i30 Owners Club
This is what my sandbox showed me for that website

  • Ioniq MY2018 SE Premium Hybrid in Polar White with added oomph


Offline Shambles

  • Admin
  • *
  • Retyred @ Last
    • Posts: 43,333

    • england England
      Manchester, UK
    • i30 Owners Club
And seeing as I was protected by the sandbox, I proceeded to load the website and confirmed the phishing you reported :lol:

  • Ioniq MY2018 SE Premium Hybrid in Polar White with added oomph


Offline CraigB

  • Global Moderator
  • *
    • Posts: 11,011

    • au Australia
      Perth, WA
There is also the "Windows Defender Application Guard" which if using Win 10 and Windows Security can be turned on via the Windows Security panel/App and Browser Control/Isolated Browsing.

Only works using the new Edge Chromium and it'll turn on via the browser's top right settings tab, browser session is then protected (sandboxed) from the rest of the system.
« Last Edit: September 10, 2020, 18:12:32 by CraigB »


Offline AlanHo

  • Global Moderator
  • *
  • Geriatric Teenager
    • Posts: 21,468

    • england England
      Solihull, UK

  • 2021 KIA Niro 3 1.6 Petrol Hybrid
Thanks guys - I was aware via a computer magazine I used to subscribe to, of the sandbox feature but messing with BIOS settings is beyond my comfort zone. I am happy for the few times I need it to revive my old laptop and use my old faithful - Acronis - to restore it back to a safe condition.

  • 2021 KIA Niro3 1.6 petrol Hybrid


Offline Shambles

  • Admin
  • *
  • Retyred @ Last
    • Posts: 43,333

    • england England
      Manchester, UK
    • i30 Owners Club
Try enabling the Sandbox feature anyway - control panel will tell you if it's not possible due to BIOS limitations ;)
  • Ioniq MY2018 SE Premium Hybrid in Polar White with added oomph


Offline AlanHo

  • Global Moderator
  • *
  • Geriatric Teenager
    • Posts: 21,468

    • england England
      Solihull, UK

  • 2021 KIA Niro 3 1.6 Petrol Hybrid
@Shambles



I guess you need the professional version of Windows - I have the Home version.
  • 2021 KIA Niro3 1.6 petrol Hybrid


Offline The Gonz

  • Admin
  • *
  • Afghanistan Vet
    • Posts: 16,734

    • au Australia
      Adelaide

  • Callsign GUNZ
Pro and Enterprise. Home doesn't get a mention. :Dunno:
  • Frugal Firty: FDSLXCRDi5spHyperSilverBodyKit+Mods & MrsG'sPDSRPrem


Offline Shambles

  • Admin
  • *
  • Retyred @ Last
    • Posts: 43,333

    • england England
      Manchester, UK
    • i30 Owners Club

Offline CraigB

  • Global Moderator
  • *
    • Posts: 11,011

    • au Australia
      Perth, WA
The setting might not be available until virtualisation is enabled...which it should be by default if it's a compatible system.

Open Task Manager (right click taskbar) - click the Performance tab and you should be able to see if virtualisation is enabled
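
The checks raised across the posts above (Windows edition, virtualisation enabled, the Sandbox feature itself) gathered into one read-only PowerShell preflight. This is an added example, not something posted by a thread member; it assumes an elevated PowerShell session on Windows 10 or later.

```powershell
# Added example: read-only preflight for Windows Sandbox. It changes nothing.
# Run from an elevated PowerShell prompt (Get-WindowsOptionalFeature needs admin).

$os  = Get-CimInstance -ClassName Win32_OperatingSystem
$cs  = Get-CimInstance -ClassName Win32_ComputerSystem
$cpu = Get-CimInstance -ClassName Win32_Processor | Select-Object -First 1

# Edition: the thread notes Pro and Enterprise; Education also includes the
# feature. Home editions do not offer it.
$editionOk = $os.Caption -match 'Pro|Enterprise|Education'

# Virtualisation: Task Manager's Performance tab reports this too.
# Once a hypervisor is already running, the firmware flag can read False,
# so treat "hypervisor present" as proof that virtualisation is enabled.
$virtOk = [bool]$cpu.VirtualizationFirmwareEnabled -or [bool]$cs.HypervisorPresent

# Feature state: 'Containers-DisposableClientVM' is the optional-feature name
# behind the "Windows Sandbox" tick box in "Turn Windows features on or off".
$feature = Get-WindowsOptionalFeature -Online `
    -FeatureName 'Containers-DisposableClientVM' -ErrorAction SilentlyContinue
$featureState = "$($feature.State)"          # string, so 'Disabled' is not falsy
if ([string]::IsNullOrEmpty($featureState)) { $featureState = 'NotAvailable' }

[pscustomobject]@{
    Edition             = $os.Caption
    EditionSupported    = $editionOk
    VirtualisationReady = $virtOk
    SandboxFeatureState = $featureState
} | Format-List

if (-not $editionOk) {
    'This edition does not offer Windows Sandbox; a restorable spare machine remains the fallback.'
} elseif (-not $virtOk) {
    'Enable virtualisation (Intel VT-x / AMD-V) in the BIOS/UEFI setup, then re-run this check.'
} elseif ($featureState -eq 'Enabled') {
    'Windows Sandbox is already enabled.'
} else {
    # Command an administrator would run to switch it on (a reboot is required).
    'Ready. Enable with: Enable-WindowsOptionalFeature -Online -FeatureName Containers-DisposableClientVM -All'
}
```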



Offline CraigB

  • Global Moderator
  • *
    • Posts: 11,011

    • au Australia
      Perth, WA
Alan, while looking at your installed programs I see you have two ad-blockers installed, I'd recommend deleting Adblock keeping the much better Adguard...then update it to the latest 7.5 :D

Flash Player shouldn't be required anymore either, unless you have some local program that requires it :undecided: modern browsers and the web will generally use HTML5 now making Flash obsolete and a security risk.

Flash Player can also be turned off in the browser settings so it is completely disabled from the web.
« Last Edit: September 11, 2020, 12:52:30 by CraigB »

