Name all the widely used infection vectors for personal computers.
What are the most common infection vectors for personal computers?
A website I was going through had the basic explanation of the infection vectors as Common cyber attack vectors include viruses and malware, email attachments, webpages, pop-up windows, instant messages (IMs), chat rooms and deception. Except for deception, all of these methods involve programming or, in a few cases, hardware.
I'm going to reproduce my answer to this question from my website, DecentSecurity.com You get trickedĀ "But I'm too smart to get tricked." - You Being tricked isn't strictly related to intelligence. Most infection vectors are by people downloading and running the virus themselves. I've seen very smart, experienced people fall for all kinds of schemes.
For example:
In email attachments that say they're invoices, parking tickets, or legal judgements A website will say you need to update software in order to use it Part of other programs you download and run from unreputable sitesYou're told you have an infection and you need to do something to fix it Trying to use stolen software. This is a huge way people get infected because criminals know that it's a super easy way to get people to run untrustworthy software Some viruses, when they infect computers, will email themselves to everyone on someone's address list. You can't trust even files you get from friends unless you were expecting them and the email makes sense. Feel free to reply back and ask The first rule is that you don't download files or run software that isn't something that you were specifically looking for.
The software you do get must be from a link on the original company's website, that you searched for and verified as real. When you do install software, make sure you read every option it gives you. Your antivirus saying something isn't a virus doesn't mean anything. You get kit'd
There are specially designed web pages that test your computer for lots of outdated software, and if it finds some, it uses known programming errors in those programs to infect your computer - usually in seconds and without you doing anything. These are called exploit kits and they are big business.
Criminals hack other sites or use malicious advertisements to redirect your browser to them. This happens even on big sites, where it's called malvertising. You don't have to go looking, these infections come to you. They also send these links in emails and messages on social networking sites. Usually you are protected if you keep your software up to date.
You get 0day'd
Hackers will sometimes discover a programming flaw and, rather than report it to the developer of the program, use it against people. This kind of flaw is called a "zero-day" because users of the affected program had zero days to deploy a fix before they got infected. These are rare, but it's one way criminals can get in. This is why you don't open email attachments or office documents you didn't specifically ask for. Do not click links in text messages or messaging programs.