Archives 2021

Article (PSA‑0017)

Why Knowing What Happens “Under the Hood” Helps

We all send and receive email every day, but only notice a problem when a message won’t go out or an inbox stays empty. Understanding the basic flow and the protocols involved can save you time, frustration, and even money.

Email Flow – From You to the Recipient

1. You compose the message in an email client (Outlook, Thunderbird, Apple Mail, etc.) and click **Send**.
2. The client talks to your outgoing mail server using the **SMTP** protocol (usually on port 587 or 465 with TLS). The server accepts the message and places it in a queue.
3. The SMTP server looks up the recipient’s domain (e.g., example.com) via DNS MX records, then hands the message off to the recipient’s inbound server.
4. The inbound server stores the message until the recipient’s client retrieves it.
5. The recipient’s client uses either **IMAP** or **POP3** (both over TLS) to download the message, then displays it in the inbox.

Key Email Protocols

Outgoing – SMTP (Simple Mail Transfer Protocol)

• Used **only** for sending mail.
• Modern servers require encryption (STARTTLS on port 587 or SMTPS on port 465).
• Often works with OAuth 2.0 authentication (e.g., Google, Microsoft 365) rather than plain passwords.

Incoming – IMAP vs. POP3

• IMAP (Internet Message Access Protocol) – Port 993 (TLS)
  • Keeps mail on the server.
  • Syncs folders across all devices (phone, laptop, desktop).
  • Supports server‑side searching and multiple mailboxes.
• POP3 (Post Office Protocol) – Port 995 (TLS)
  • Downloads mail to the local device and (by default) removes it from the server.
  • Good for a single device with limited storage, but makes multi‑device access painful.
• Even when POP3 is used, most providers now keep a copy on the server for a short grace period.

Choosing the Right Receive Protocol

• If you need to read mail on multiple devices (phone, tablet, work PC) – choose **IMAP**.
• If you only ever use one device and want to store mail locally – POP3 will work, but IMAP is still the safer default.

Quick Troubleshooting Checklist

1. Can you connect to the internet? Verify Wi‑Fi/Ethernet works.
2. Sending problems?
   • Check SMTP server name, port, and encryption.
   • Confirm username/password (or OAuth token) is correct.
   • Look for any firewall or antivirus that might block outbound port 587/465.
3. Receiving problems?
   • Verify IMAP (or POP3) server address, port, and TLS setting.
   • Make sure the account isn’t set to “offline” or “work offline”.
   • Check that your mailbox isn’t full (many providers impose a quota).
4. Authentication errors? Many providers now require **app‑specific passwords** or **OAuth 2.0**; generate a new credential in your account portal.
5. Still stuck? Capture the exact error message and give it to your IT support team – it often points directly to the mis‑configured setting.

Bottom Line

Understanding the three core protocols—SMTP for sending, IMAP/POP3 for receiving—lets you diagnose most common email issues quickly. Use IMAP whenever you want seamless access from multiple devices; stick with POP3 only if you have a strong need to keep mail solely on one machine.

Need a Hand?

If you have questions about configuring your email client, fixing sending/receiving problems, or setting up a more secure authentication method, call PSA Computer Services at (707) 506‑6802. We’ll get your inbox back on track.

Article (PSA‑0016)

Microsoft announced that Windows 11 will replace Windows 10 as the latest desktop operating system. The upgrade will be offered **free of charge** to eligible Windows 10 PCs, but only if the hardware meets the new system requirements.

Minimum System Requirements (as of 2025)

• 64‑bit processor (dual‑core ≥ 1 GHz). Supported families include:
  • Intel 8th‑generation or newer (i3/i5/i7/i9)
  • AMD Ryzen 2000 series or newer
• 4 GB RAM (8 GB recommended for smoother performance)
• 64 GB storage (SSD preferred for faster load times)
• Display: ≥ 720p (1280 × 720) with at least a 9‑inch diagonal
• UEFI firmware with **Secure Boot** enabled
• TPM 2.0 chip (hardware‑based security)
• DirectX 12 compatible graphics (or later) – required for the new visual features and gaming enhancements

Key Differences from Windows 10

• 64‑bit only – No 32‑bit edition. Existing 32‑bit applications will run under Windows 11’s 64‑bit compatibility layer.
• New user interface – centered Start menu, refreshed taskbar, and rounded‑corner windows. It’s a visual shift, but familiar functionality remains.
• Gaming‑focused features – Auto HDR, DirectStorage, and DirectX 12 Ultimate. Helpful for gamers, neutral for most business users.
• Update cadence – Microsoft is moving to **one major feature update per year** (plus security patches), which should reduce the disruption many users experienced with two‑per‑year rollouts in Windows 10.

Upgrade Path

• The upgrade is **free** for eligible Windows 10 devices.
• There is **no deadline** to start the upgrade; you can remain on Windows 10 until you choose to move.
• When you do upgrade, the installer will verify hardware compatibility. If your PC falls short, you’ll be prompted to either continue with a limited install or keep Windows 10.
• OEMs (computer manufacturers) will continue to purchase Windows 11 licenses for new systems.

Quick Compatibility Checklist

1. Run the PC Health Check tool to see if your machine meets the requirements.
2. Confirm the BIOS/UEFI settings have Secure Boot and TPM 2.0 enabled.
3. Check for at least 4 GB of RAM (8 GB is better) and 64 GB of free storage.
4. Verify the graphics driver supports DirectX 12 (or later).
5. If any item is missing, consider a hardware upgrade (e.g., adding more RAM or swapping to an SSD).

What This Means for You

For most business users the shift to Windows 11 will be a modest change—core productivity apps still work, and the single‑per‑year update cycle should make life simpler. The new UI may require a short period of adjustment, but it is designed to be more streamlined.

Need Guidance?

If you have questions about Windows 11 compatibility, upgrading your hardware, or simply want help planning the transition, call PSA Computer Services at (707) 506‑6802. We’ll walk you through the process and make sure your system is ready.

Article (PSA‑0015)

Receiving spam is annoying. Seeing that same spam is being sent **with your own address** is even worse. When that happens one of two things is going on:

1. Spoofing – the attacker forges the From: field so the message looks like it came from you, even though they have no access to your account.
2. Hijacking – the attacker has actually taken control of your email account, can read your messages, see your contacts, and send mail as you.

What Spoofing Looks Like (and What You Can’t Do About It)

• Messages appear in recipients’ inboxes with your address as the sender.
• The source IP is usually a compromised computer far away – not yours.
• There is currently no reliable way to **prevent** spoofing, nor to know who is doing it.
• Spoofers typically move on quickly; most providers will temporarily block the offending address if the volume spikes.

Hijacking Is Treatable – How to Recover Your Account

1. Try to log in from a clean device (or use a browser’s private/incognito mode). If you can’t sign in, click the provider’s “Forgot password?” or “Need help?” link.
2. Reset the password immediately.** The password‑reset email must be claimed before the attacker does.
3. If the reset link has already been used or you can’t receive it, contact the email provider’s support team (e.g., Gmail, Outlook, Yahoo) and explain that your account has been compromised.
4. After you regain access, review security settings:
   • Enable **multi‑factor authentication (MFA)** if it’s available.
   • Check for any forwarding rules, auto‑responders, or linked applications you didn’t create and delete them.
5. Change passwords on any other services where you reused the same credentials.** Attackers often try those next.
6. Send a brief apology to anyone who received spam from your address, letting them know you’ve secured the account.

Prevent Future Compromise – Four Simple Steps

• Strong passwords: at least 9 characters, mixing upper‑ and lower‑case letters, numbers, and symbols.
• Unique passwords per account: use a password manager to keep track.
• Enable multi‑factor authentication (MFA): adds a second verification step (code text, authenticator app, hardware key).
• Never send passwords by email: never include login credentials in any message.

Need a Hand?

If you suspect your email has been spoofed or hijacked and you need help getting it back under control, call PSA Computer Services at (707) 506‑6802. We’ll guide you through recovery and bolster your security.

Dear Reader,

The mission of the FBI is to protect the American people and uphold the Constitution of the United States. This mission includes our efforts to combat financial crimes targeting seniors. The FBI, in alignment with the Department of Justice Elder Fraud Initiative and the efforts of our internal and external partners, is committed to this mission. It is from this commitment to the American people that the FBI provides the public an avenue to report fraud through the Internet Crime Complaint Center (IC3).

The IC3 receives and tracks thousands of complaints daily, reported by victims of fraud. This reporting is key to identifying, investigating, and holding those responsible accountable for their actions. Victims of fraud have the option to identify their age range when submitting a complaint to IC3; the information contained in this report is derived from complaints submitted by or on behalf of victims aged 60 and over.

Each year, millions of elderly Americans fall victim to some type of financial fraud or internet scheme, such as romance scams, tech support fraud, and lottery or sweepstake scams. Criminals gain their targets’ trust or use tactics of intimidation and threats to take advantage of their victims. Once successful, scammers are likely to keep a scheme going because of the prospect of significant financial gain.

In 2020, IC3 received a total of 791,790 complaints with reported losses exceeding $4.1 billion. Based on the information provided in the complaints, approximately 28% of the total fraud losses were sustained by victims over the age of 60, resulting in approximately $1 billion in losses to seniors. This represents an increase of approximately $300 million in losses reported in 2020 versus what was reported by victims over 60 in 2019.

To educate the public and provide as much information on the types of frauds targeting seniors as possible, the IC3 is offering its first publication of the 2020 IC3 Elder Fraud Annual Report. This report is a companion report to the 2020 IC3 Annual Report released in March 2021. These reports, along with other publications, are available at www.IC3.gov.

It is only by victims reporting fraud that we can identify trends, educate the public, and support investigations, and nowhere is this more important than crimes against seniors.

Calvin Shivers
Assistant Director
Federal Bureau of Investigation
Criminal Investigative Division

Read the full report here: https://www.ic3.gov/Media/PDF/AnnualReport/2020_IC3ElderFraudReport.pdf

Dear Reader,

In 2020, while the American public was focused on protecting our families from a global pandemic and helping others in need, cyber criminals took advantage of an opportunity to profit from our dependence on technology to go on an Internet crime spree. These criminals used phishing, spoofing, extortion, and various types of Internet-enabled fraud to target the most vulnerable in our society – medical workers searching for personal protective equipment, families looking for information about stimulus checks to help pay bills, and many others.

Crimes of this type are just a small part of what the FBI combats through our criminal and cyber investigative work. Key to our cyber mission is the Internet Crime Complaint Center (IC3), which provides the public with a trustworthy source for information on cyber criminal activity, and a way for the public to report directly to us when they suspect they are a victim of cyber crime.

IC3 received a record number of complaints from the American public in 2020: 791,790, with reported losses exceeding $4.1 billion. This represents a 69% increase in total complaints from 2019. Business E-mail Compromise (BEC) schemes continued to be the costliest: 19,369 complaints with an adjusted loss of approximately $1.8 billion. Phishing scams were also prominent: 241,342 complaints, with adjusted losses of over $54 million. The number of ransomware incidents also continues to rise, with 2,474 incidents reported in 2020.

Public reporting is central to the mission and success of IC3. Submitting a cyber crime complaint to IC3.gov not only helps the FBI address specific complaints—and provide support and assistance to victims —but also helps us prevent additional crimes by finding and holding criminal actors accountable. Information reported to the IC3 helps the FBI better understand the motives of cyber-criminals, the evolving threat posed, and tactics utilized, enabling us to most effectively work with partners to mitigate the damage to victims.

IC3 has continued to strengthen its relationships with industry and others in the law enforcement community to reduce financial losses resulting from BEC scams. Through the Recovery Asset Team, IC3 worked with its partners to successfully freeze approximately $380 million of the $462 million in reported losses in 2020, representing a success rate of nearly 82%. In addition, IC3 has a Recovery and Investigative Development Team which assists financial and law enforcement investigators in dismantling organizations that move and transfer funds obtained illicitly.

With our dedicated resources focused on recovering funds and preventing further victimization, we are better aligned to confront the unique challenges faced in cyberspace. Visit IC3.gov to access the latest information on criminal Internet activity.

We strongly encourage readers to submit complaints to IC3 and to reach out to their local FBI field office to report malicious cyber criminal activity. Together we will continue to build safety, security, and confidence into our digitally connected world.

Paul Abbate
Deputy Director
Federal Bureau of Investigation

Read the full report here: https://www.ic3.gov/Media/PDF/AnnualReport/2020_IC3Report.pdf