Archives 2018

IC3 Annual Report – 2017 Internet Crime Report

by Billy J Long FBI - IC3

Dear Reader,

2017 was a milestone year for the FBI’s Internet Crime Complaint Center (IC3). On October 12, 2017, at 4:10pm, the IC3 received its 4 millionth consumer internet crime complaint.

As the lead federal agency for investigating cyber-attacks by criminals, overseas adversaries, and terrorists, the FBI’s IC3 provides the public with a trustworthy and convenient reporting mechanism to submit information concerning suspected Internet facilitated criminal activity. The IC3 also strengthens the FBI’s partnerships with our law enforcement and private industry partners. As cyber criminals become more sophisticated in their efforts to target victims, we must continue to transform and develop in order to address the persistent and evolving cyber threats we face.

The 2017 Internet Crime Report emphasizes the IC3’s efforts in monitoring trending scams such as Business Email Compromise (BEC), Ransomware, Tech Support Fraud, and Extortion.
The report also highlights the Elder Justice Initiative promoting justice for the nation’s seniors. In 2017, IC3 received a total of 301,580 complaints with reported losses exceeding $1.4 Billion.

This past year, the most prevalent crime types reported by victims were Non-Payment/NonDelivery, Personal Data Breach, and Phishing. The top three crime types with the highest
reported loss were BEC, Confidence/Romance fraud, and Non-Payment/Non-Delivery.

This year’s report features success stories from two different successful cases initiated from
IC3 complaints. Additionally, the Operation Wellspring (OWS) Initiative continues to build the cyber investigative capability by utilizing Cyber Task Force officers, thus strengthening state
and local law enforcement collaboration.

We hope this report provides additional information of value as we work together to protect our nation against cyber threats.

Scott S. Smith
Assistant Director
Cyber Division
Federal Bureau of Investigation

Read the full report here: https://www.ic3.gov/Media/PDF/AnnualReport/2017_IC3Report.pdf

Introduction to Proxy Servers

by Billy J Long Guidance, PSA Articles

Article (PSA‑0008) – Introduction to Proxy Servers

Every device that talks to the Internet must have an address that other computers can use to reply. That address is your **public IP address** – the number your ISP (Internet Service Provider) assigns to the modem/router that connects you to the outside world.

Where Does the Public IP Come From?

  • The ISP (e.g., AT&T, Suddenlink, Frontier, local fiber providers) hands out a dynamic or static IP address when you sign up for service.
  • Most residential connections use **dynamic IPs** that can change when the modem restarts; business lines often use **static IPs** for easier remote access.
  • Your public IP reveals roughly *where* the request originated (city‑level location) and is linked to the account you purchased from the ISP.

What Is a Proxy Server?

The word *proxy* means “substitute.” In networking, a **proxy server** acts as an intermediary between your computer (the client) and the destination server on the Internet. The client sends its request to the proxy; the proxy forwards the request, receives the response, and then passes that response back to the client.

Common Types (brief overview)

  • Forward proxy – Used by end‑users (you) to reach any public website. This is what most “web proxy” services provide.
  • Reverse proxy – Placed in front of a web‑server farm to distribute traffic, perform caching, or add security (e.g., Cloudflare, Nginx).
  • Transparent proxy – Intercepts traffic without requiring manual configuration; often used in corporate or school networks.
  • SOCKS5 proxy – Works at a lower network layer, forwarding any TCP/UDP traffic (useful for torrenting, SSH, or non‑HTTP apps).

How a Forward Proxy Works – Simple Flow

  1. Your browser (or another app) is configured to use a proxy (IP + port).
  2. You request https://psa-2.com in the address bar.
  3. The request is sent to the proxy server instead of directly to the Internet.
  4. The proxy opens a connection to psa-2.com and forwards your request.
  5. The web server sends the page back to the proxy.
  6. The proxy relays the page to your browser. To the web server, the request appears to come from the proxy’s IP, not yours.

Benefits of Using a Proxy

  • IP masking – The destination sees the proxy’s address, helping protect your personal IP.
  • Content filtering – Organizations can block known malicious sites or categories (e.g., gambling, social media).
  • Cache & bandwidth saving – Frequently accessed resources can be stored locally, reducing external traffic.
  • Access control – Requiring authentication before allowing outbound web traffic.
  • Basic anonymity – Combined with header or user‑agent changes, a proxy can make it harder for trackers to uniquely fingerprint a browser.

Potential Risks (Fair Warning)

  • Untrusted or free proxies may log every URL you visit, inject ads, or even serve malware.
  • Man‑in‑the‑middle (MitM) threats – If a proxy does not use HTTPS tunneling (the CONNECT method), it can alter the content you receive.
  • Loss of TLS protection – When a proxy terminates HTTPS, the connection between you and the proxy is encrypted, but the proxy‑to‑site link may be unencrypted unless the proxy forwards a proper TLS tunnel.
  • Performance impact – Extra hop can add latency, especially with overloaded or distant proxy servers.
  • Legal & policy concerns – Some services block known proxy IP ranges; using a proxy to evade geo‑restrictions can violate terms of service.

Best‑Practice Checklist for Safe Proxy Use

  1. Choose a reputable provider. Look for a clear privacy policy, no‑log claims, and TLS/HTTPS support.
  2. Prefer HTTPS‑aware proxies. Modern web proxies support the CONNECT method, preserving end‑to‑end encryption.
  3. Enable “SSL/TLS verification.” The proxy should validate the remote certificate to prevent spoofed sites.
  4. Combine with a VPN for stronger privacy. A VPN encrypts all traffic before it reaches the proxy, so the proxy cannot see the original source IP.
  5. Use authentication. Corporate proxies often require a username/password or single‑sign‑on (SSO) – this limits abuse.
  6. Regularly review proxy logs (if you administer one). Look for unusual destinations or volume spikes that could indicate abuse.
  7. Know when a proxy is unnecessary. For simple web browsing, a well‑configured VPN often provides better privacy with less risk.

Conclusion

Proxy servers can be useful tools for privacy, content control, and bandwidth optimization, but they must be chosen and configured carefully. An untrusted, free proxy can become a privacy nightmare, while a well‑run corporate proxy (or a reliable commercial service) adds a valuable layer of protection. For most home users who simply want encrypted, private browsing, a reputable VPN is often the safer and easier choice.

Disclaimer

This article is for **informational purposes only**. PSA Computer Services does **not** offer proxy services, nor do we sell, install, or manage proxy solutions. For guidance on selecting a trustworthy proxy provider or configuring a proxy, please consult a qualified network or security specialist.

What Are Managed Services

by Billy J Long Guidance, PSA Articles

Article (PSA‑0007) – What Are Managed Services? (Updated 2025)

A **Managed Services Provider (MSP)** is a trusted IT partner that assumes ongoing responsibility for monitoring, maintaining, and supporting a defined set of technology assets on behalf of a business. The MSP handles routine tasks (patching, backups, alerts) and escalates or resolves issues so you can focus on core business activities.

Key Characteristics (2025)

  • Proactive monitoring – Cloud‑based Remote Monitoring & Management (RMM) platforms to spot problems before they cause downtime.
  • Security‑first mindset – Managed firewalls, endpoint detection & response (EDR), phishing simulations.
  • Scalable service tiers – From basic monitoring to fully‑managed environments that include help‑desk, device provisioning, disaster‑recovery testing, and strategic IT planning.

Typical Managed Services Offering

  • Monitoring & Alerting – 24/7 device health checks, performance dashboards, and automated ticket creation.
  • Patch & Update Management – OS, firmware, and third‑party application updates with rollback capability.
  • Backup & Disaster Recovery – Automated 3‑2‑1 backups, nightly snapshots, and regular restore testing.
  • Security Services – Firewall management, EDR, vulnerability scanning, MFA rollout, and security awareness training.
  • Help‑Desk & End‑User Support – Remote troubleshooting, on‑site visits when needed, ticket tracking, and SLA‑driven response times.

Why Small Businesses Need Managed Services

Even a modest office relies on a complex mix of devices, software, and internet services. When those pieces break, productivity—and revenue—suffer.

  • Predictable costs – A monthly subscription replaces surprise emergency‑repair bills.
  • Reduced downtime – Proactive monitoring and rapid incident response keep email, CRM, accounting, and point‑of‑sale systems online.
  • Security compliance – MSPs keep patches up‑to‑date.
  • Focus on core business – You don’t need an in‑house “IT jack‑of‑all‑trades”; the MSP handles the day‑to‑day tech grind.
  • Scalable expertise – As you add users, or devices, the MSP grows with you without a hiring surge.

Pricing Models (2025 Landscape)

  • Per‑device / per‑user subscription – Most common; you pay a flat fee for each workstation, server, or user license.
  • Tiered service packages – Basic, Standard, Premium* tiers determine response time, on‑site coverage, and breadth of services.
  • Value‑based pricing – Some MSPs tie fees to measurable outcomes (e.g., downtime reduced < 5 % or compliance level achieved).
  • Project‑based add‑ons – Network redesign, or security assessments billed separately.

What to Look For When Choosing an MSP

  1. Service Level Agreement (SLA) – Clearly defined response and resolution times (e.g., 1‑hour critical response).
  2. Certifications & expertise – Microsoft Certified Partner, CompTIA Security+, Cisco CCNA, or vendor‑specific cloud certifications.
  3. Transparent RMM & ticketing – Access to a portal where you can view real‑time alerts, open tickets, and historical reports.
  4. Backup & DR testing – Verify that backups are encrypted, stored off‑site, and that restore tests are performed quarterly.
  5. On‑site support options – Even with remote tools, occasional hands‑on work may be needed; ensure reasonable travel‑fee structures.

Ready to Get Started?

Whether you need basic monitoring or a fully managed IT environment, PSA Computer Services can tailor a solution that fits your budget and growth plans.

Call us today at (707) 506‑6802 to discuss your needs, receive a customized quote, and schedule a free initial IT health assessment.