10 most common attack vectors

What are cyber-attack vectors? 10 Most common vectors – Explained


In this post, You will learn what is cyber-attack vector and you will know the 10 most common cyber attack vectors.

What is a cyber-attack vectors❓

A cyber-attack vectors is a pathway used by a hacker to illegally access a network or a computer in an attempt to exploit the flaws(Vulnerability).

In simple words, a cyber-attack vectors is a path by which a hacker can gain access to a host in order to deliver a payload or malicious software or deliver and exploit the vulnerability.

10 Most common attack vectors

  1. APT – Advanced Persistent Threats
  2. Cloud computing / Cloud-based technologies
  3. Viruses, worms, and malware
  4. Ransomware
  5. Mobile Device threats
  6. Botnets
  7. Insider attacks
  8. Phishing attacks
  9. Web Application Threats
  10. IoT Threats

1. APT – Advanced persistent threat

An advanced persistent threat is a stealthy threat actor, typically a nation or state-sponsored group, which gains unauthorized access to a computer network and remains undetected for an extended period; Typically uses zero-day attacks.

2. Cloud computing / Cloud-based technologies

Flaw(Vulnerability) in one client’s application cloud account allows attackers to access other clients’ data.

3. Virus Worm and Malware

Viruses and worms both fall under the malware category. These viruses and worms both replicate themselves and affect the connected computers.

Whereas the worm is more dangerous than the virus. The worm doesn’t need any host to control it auto replicates itself and spreads to other networks and systems.

To read more about Malware [Click here]

4. Ransomware

Blocks access to important documents, images, folders and demands ransom(Money)

To read more about Ransomware [Click here]

5. Mobile Device threats

Not updating for a long period of time is going to be the biggest mobile device threat.

6. Botnets

Bots together form botnets and send multiple requests to the target IP and down the network, it is also called DoS and DDoS.

To perform a DoS or DDoS attack watch this Youtube Video [Click here]

To read more about Botnet [Click here]

7. Insider attacks

A disgruntled employee can damage assets from inside is called an insider threat. To prevent insider threat the CISO use the zero trust level.

8. Phishing attacks

A phishing attack is a passive information gathering method, Phishing attack is directly interacting with the target human and making him/her click the malicious link the hacker sent.

There are different types of phishing attacks they are;

  1. Spear phishing
  2. Vishing
  3. Smishing

Spear phishing

Spear phishing’s is also a type of phishing and also vishing attack. In spear phishing’s, the hacker does a targeted attack. This means the hacker knows the target and then attacks.


Vishing is also a type of phishing’s attack. This Phishing’s attack takes place only in calling. Also, the stupid scam calls are called Phishing attacks. Mostly older people are targeted.


Smishing is also a type of phishing’s attack. The cybercriminal will send the text only is called a smishing attack.

To read more about phishing [Click here]

9. Web Application Threats

Cross-site scripting(XSS) and SQL injection are web application threats. These attacks can be done using the burpsuite tool.

To read more about SQL injection and cross-site scripting [Click here]

10 IoT threat

IoT is the biggest threat in today world, Kaspersky says DDoS attacks are mostly done using compromised IoT devices.

To Prevent IoT attacks enter a custom password set by the user and then do a regular malware scan.

Also Read: Top 5 Brute force software for free and very powerful

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions or brave browser to block ads. Please support us by disabling these ads blocker.Our website is made possible by displaying Ads hope you whitelist our site. We use very minimal Ads in our site


Scroll to Top