Tag Archive for Florida

| May 10, 2018
Comments Off on Riskiest ZIP Codes

Riskiest ZIP Codes

Riskiest ZIP CodesCredit rating firm Experian recently published a list of the top 100 riskiest shipping ZIP codes for 2017. In the list, U.S. ZIP codes were rated on the number of attempted fraudulent e-commerce transactions against the population of overall e-commerce orders for the ZIP codes.

Experian’s analysis of fraudulent transactions says international IP addresses affect the overall riskiness of a transaction. e-Commerce transactions from international IP addresses are much riskier than average—6.7x riskier from a shipping perspective. Additionally, Experian’s analysis shows that traffic coming from a proxy server—which could originate from domestic and international IP addresses — is 74 times riskier
then the average transaction.

The riskiest ZIP code for e-commerce fraud in 2017 was 97079 in Beaverton, Oregon according to Experian. In fact, Oregon had nearly half of the top 25 riskiest ZIP codes in 2017. The areas in and around Portland OR occupied 10 of the top 25 spots for riskiest e-commerce transactions. Beaverton’s highest risk international IP county is China.

The Miami Florida area put the sunshine state at #2 in the top 25 with nearly a quarter of the riskiest ZIP codes. Miami had 6 of the top 25 slots for the next most risky ZIP Codes for e-commerce firms. The riskiest Miami ZIP code is 33122. Miami’s highest risk international IP county is Venezuela.

The riskiest Miami zip code is 33122.

South El Monte, California ZIP code 91733 is the third riskiest ZIP code on the Experian list for e-commerce firms to ship to. Experian says that 91733’s highest risk international IP countries are Taiwan and Hong Kong.

South El Monte, Califronia zip code 91733 is the third riskiest zip code

The riskiest Michigan ZIP code is 48204 in Detroit, which ranked 32nd on the list and is only 15% of the risk of Beaverton OR.

The riskiest Michigan Zip code is 48204 in Detroit

Other Michigan ZIP Codes on the top 100 list are:

RankCityStateZip CodeFraud Attack Rate
64DetroitMI48227276.6
68DetroitMI
48206270.3
74DetroitMI48228262.4

The top 25 riskiest ZIP Codes according to Experian. Fraud attack rates show the attempted fraudulent e-commerce transactions against the population of overall e-commerce orders.

RankCityStateZip CodeFraud attack rates
1Beaverton OR970792741.9
2Miami FL331221935.1
3South El MonteCA917331473.5
4Portland OR972511257.6
5Portland OR972501178.6
6Miami FL331661155.1
7Portland OR972521059.4
8Miami FL331981010.6
9Miami FL33195921.7
10Miami FL33192769.1
11Portland OR97253726.2
12Portland OR97230676
13Portland OR97217635.8
14Minden NV89423629.2
15HoustonTX77072625.4
16Portland OR97233623.4
17Wilmington DE19801584.6
18Portland OR97218562.1
19Des Moines IA50314544.1
20Chicago IL60621539.8
21Portland OR97203535.6
22Miami FL33191518.7
23Hillsboro OR97124505.3
24Portland OR97254502.5
25Manchester NH3101490.4

rb-

The increase in e-commerce fraud attacks should not surprise anyone. The growth of online information and the continuing tsunami of data breaches has put over 9.7 billion data records on the dark web. The plethora of stolen PII enables criminals to open fraudulent accounts, take over legitimate accounts and submit fraudulent transactions.

Another reason for the increase in online fraud activity is automation. In the past, criminals needed to do something, but they can now attack by simply downloading a file and automating the submission of thousands of applications or transactions
simultaneously.

Related article

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , ,
| July 2, 2015
Comments Off on The Enemy Within at School

The Enemy Within at School

The Enemy Within at SchoolNaked Security reports on a hack that combines two of our favorite things on the Bach Seat, Florida, and lax data security at school. The way the Sophos blog tells the story, a 14-year-old Florida boy is charged with being a hacker by trespassing on his school’s computer system.

Florida school hacker

The charges came after he shoulder-surfed a teacher typing in his password and used it without permission to trespass in the network. The student then tried to embarrass a teacher he doesn’t like by swapping his desktop wallpaper with an image of two men kissing.

an offense against a computer system and unauthorized accessA Tampa Bay Times article says that an eighth-grader was recently arrested for “an offense against a computer system and unauthorized access.” This is a felony in Fla. Sheriff Chris Nocco said that the teen logged onto the network of a Pasco County School District school using an administrative-level password without permission.

A spokesman for the Pasco County Sheriff’s Office told Network World that the student was not detained. Rather, he was questioned at the school before being released to his mother. His sentence remains to be seen, But at this point, it’s looking like the boy isn’t going to suffer much more than a 10-day school suspension. Sheriff’s detective Anthony Bossone says is likely to be “pretrial intervention” by a judge with regards to the felony charge, the Tampa Bay Times reports. Naked Security says this is the student’s second offense.

Old school securityWhen the newspaper interviewed the student, he said that he’s not the only one who uses that password. Other students commonly log into the administrative account to screen-share with their friends, he said. It’s a well-known trick, the student said. He claimed the password was a snap to remember, it’s just the teacher’s last name, which the boy says he learned by watching the teacher type it in.

The sheriff says that the student didn’t just access the teacher’s computer to pull his wallpaper prank. He also reportedly accessed a computer with sensitive data – the state’s standardized tests (now we know why he is in trouble – NCLB! – Common Core!!while logged in as an administrator. Those are files he well could have viewed or tampered with, though he denies having done so. Sheriff Nocco says that’s the reason why this can’t be dismissed as being just a bit of fun. Even though some might say this is just a teenage prank, who knows what this teenager might have done.

I logged out of that computer and logged into a different one and I logged into a teacher’s computer who I didn’t like and tried putting inappropriate pictures onto his computer to annoy him.

in typical HS-er logic, he told the newspaper:

If they’d have notified me it was illegal, I wouldn’t have done it in the first place. But all they said was ‘You shouldn’t be doing that.

Idaho school hacker

rented a cloud based botnet to launch a distributed denial of serviceAnother report from the other side of the continent comes from Engadget. They report that a teenager from Idaho took advantage of the latest trend in online criminal activity. He likely rented a cloud-based botnet to launch a distributed denial of service (DDos) against the largest school district in Idaho. The alleged DDoS took down the school district’s internet access according to media reports.

KTVB News reports that the 17-year-old student paid a third party to conduct a distributed denial-of-service attack/ The attack forced the entire West Ada school district offline. The act disrupted more than 50 schools, bringing everything from payroll to standardized tests (More high stakes testing – NCLB! Common Core!!) grinding to a halt. Unfortunate students undertaking the Idaho Standard Achievement test had to go through the process multiple times because the system kept losing their work and results.

State and Federal felony chargesThe report goes on to say that authorities have found the Eagle High student from their IP address. The students could now face State and Federal felony charges. If found guilty, the unnamed individual is likely to serve up to 180 days in jail, as well as being expelled from school. In addition, the suspect’s parents will be asked to pay for the financial losses suffered as a consequence of the attack.

rb-

Many school networks have bigger pipes than the business world. Some EDU networks I have worked on have had 10 GigE for years. In the rest of the online world, these incidents would serve as a wake-up call to network managers that hey, we might be at risk too, but not schools. Oh yeah – Passwords are Evil

Rightly or wrongly schools rely on the Intertubes for their core business – instruction, and NCLB high-stakes testing. However, they do not take steps to protect themselves. Administrators fight common tactics like periodic password changes, enforcing password complexity, or blacklisting common weak passwords. None bother with an anti-DDOS strategy let alone buying a tool to fight off a denial of service attack.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , , , ,