|
" Most modern browsers do stop these,"
No they don't unless you have a script blocking plugin such as noScript or uMatrix.
Indeed Never open any email attachment without being 100% sure who sent it. The From address doesn't count. Make sure file endings are enabled (Windows) and you know which files are safe to open.
Infected SD cards USB sticks are a common corporate attack vector. Make sure no autorun repartition any recycled or new one. They are not a likely source of malware for people not in the work force and not in youth culture. Unprotected browsers are the problem.
All the many PCs I've removed viruses, trojans and root kits from had working AV software. All were used with unprotected browsers and by people that had never been told about spoofed From in Emails, turning off remote content in emails and assuming you can click on email attachments. Many fooled by filename.txt<loads of spaces>.exe etc.
Some of the PCs had vital system files "quarantined" by AV software by mistake and thus would not reboot or would crash.
Education, a script blocker, no remote content in email viewer (don't use Web mail), no autorun is FAR better than any AV and won't break Calibre or other programs.
|