I'd be really interested to know whether a significant amount of fraud and fraud attempts involve devices with root or non-stock operating systems.

This has always struck me as a matter of checkbox compliance rather than a commonly-exploited attack vector, though I'll grant that's partially because few people actually use such devices.

When I was running a home server as a kid, I IP-blocked the entire continent of Asia because I was constantly getting pings, portscans, HTTP path guesses, SSH auth attempts, etc randomly from there. Of course I secured my stuff to the best of my knowledge, but I still didn't want that harassment cause 1. who knows 2. could be ddos'd.

When finding help on how to do this, people were saying it's useless cause they can proxy/VPN anyway, but obviously that has some cost to them because they weren't doing that. So seeing how I had no legitimate traffic from there, it was an easy choice and cut out like 99% of abuse.

Oh yeah I remember adding my Yubikey to Vanguard as early as 2019! It felt amazingly modern compared to any other bank. I assume this is your or your team’s work. Thank you!

I’ve also had other banks do the same. They provided me with a debit card that supports international transactions but they did not allow logging in from most Asian countries. So I would log in from Asia, be blocked, turn on my VPN and log in from the U.S. to check the balance on my card.