No, we’re not going to try to fix your printer. Here’s why. (Part 1 of 2)

The printer pictured at the top of this post is my recently failed Canon MAXIFY MB5120, an all-in-one inkjet printer I’ve had a love/hate relationship with pretty much ever since I bought it. I loved that it printed very well and scanned very competently, at least when it worked properly. I hated the haphazard way that Canon implemented its otherwise thoughtful feature set. For example, the printer offers fairly robust paper handling, but it is so inconvenient to change paper types on this model that I mostly found myself trying to avoid doing so. I loved that this printer is primarily intended to be used as a network printer, but hated that it took at least five minutes for the printer to wake up its network interface and connect to my (wired!) network after being power cycled. But most of all, I hated the frequency with which its print head would become partially clogged. For most of the time I’ve had this printer, I could never be sure if a print job was going to print in full color or not.

This printer is not “dead”. Notice that I said it had merely “failed”. It could be fixed, if someone wanted to do so badly enough. The problem is that it needs a new print head, and the cost of a new print head is close to what I paid for the whole printer. That’s more than I’m willing to pay to fix a printer that I’m not enamored with, even at today’s new printer prices, especially considering that a new print head probably wouldn’t perform better or last longer than the original one did. But the tale of how I got to this point with my printer will demonstrate to you why I generally won’t attempt to fix clients’ printers.

As I wrote earlier, this printer has always had problems with clogging print head nozzles, no matter whose ink I used in the printer. The trouble started even before I ran out of the Canon brand ink that came with the printer. I’m also quite sure the problems weren’t caused by the print head drying out, because I normally print upwards of 20 full color pages per week. Whatever the cause, certain colors wouldn’t print consistently; sometimes, it depended on whether I was printing on plain paper, envelopes, card stock or photographic paper. When the problem became consistent, I would run the built-in cleaning cycle, and if that didn’t clear things up, I’d run the deep cleaning cycle. Usually, one or two deep cleans would get things looking right again, but by the time the printer was six months old, the built-in cleaning cycles weren’t doing any good.

I suppose I could have made a warranty claim at that point. However, the Canon MAXIFY MB5120 has a print head that can be removed fairly easily for cleaning (or replacing), unlike the printer it replaced, an Epson WorkForce WF3640 all-in-one. (Part 2 of this series will discuss more about this.) A simple head cleaning seemed like a task that should be easy enough for one who fixes computer equipment for a living, so I looked up the procedure for my MAXIFY MB5120 and went to work on it. Getting the print head out was easy enough; finding ways to flush the print head out with solvent was more challenging. The job took me the better part of 2 hours, and I left the print head out to dry overnight, but when I put the print head back in, the printer was back to printing normally. Annoyingly, there was enough solvent left in the print head that it took about 50 pages worth of printing before the ink stopped smudging, but overall, it was a win.

About a year (and two sets of compatible ink cartridges later – so there, Canon!), I had to clean the print head again. The procedure and inconvenience were the same as the first time, but again, I had a working printer when I was done. The printer continued to work reasonably well for another year and a quarter.

Then, about a week and a half ago, the printer started producing muddy, inaccurate colors, skewing to red/brown. Clearly, there was a problem with cyan ink delivery. In fact, the built-in nozzle test print showed that the printer wasn’t squirting any cyan ink at all. The built-in cleaning and deep cleaning cycles didn’t restore even a little cyan ink flow, so out came the tools, and out came the print head for another manual cleaning. Only this time, when I put the print head back in, it still wasn’t delivering any cyan ink. Well, that wasn’t good. I could see the ink flowing during my cleaning procedure, so I was sure I wasn’t just experiencing a bad clog. Then the printer began having trouble recognizing the ink tanks. That combination is a pretty good sign of a print head gone south.

I went searching online for a replacement print head, but quickly discovered that the only thing harder than finding a print head for this printer that cost less than I had paid for the whole printer was finding one that I could get in the first place. Most sellers were out of stock. That wasn’t surprising, because my printer is almost three years old, and Canon doesn’t seem to be producing it anymore. (It’s still available as new-old stock from some online sellers, for about twice what I paid for it, but I don’t like this printer enough to pay that much for another one.) I finally found an Amazon seller offering the print head for just over $50, so I went for it.

A few days later, my replacement print head arrived. The inner foil package was torn open, the plastic head protector was missing and there were drops of clear liquid all over it; not good signs. Nevertheless, I installed it in the printer, put in my ink tanks, powered up the printer and… the printer displayed an error code. It didn’t take much troubleshooting to determine that I had received a faulty print head, so I filed for a return, and the seller sent out another one. The second print head looked more promising, as the package was properly sealed. The printer didn’t display any errors after I installed it, but when I printed the nozzle test, the cyan, yellow and magenta test patterns were fine, but there was a big gap in the black test pattern. I ran another cleaning cycle, followed by a deep clean, neither of which fixed the problem. Not surprisingly, when I tried printing a web page as a live test, much of the black text was unreadable. It was now apparent that a) the print head seller was peddling refurbished print heads, and b) he was doing a poor job of refurbishing them. I filed for another return, and was only offered the option for a refund this time, which was just as well because I really didn’t want to find out if the third time would be the charm or not. So, I am now in the market for a new printer, which will be Part 2 of this series.

Let’s recap what this process has entailed so far, and the amount of time I’ve wasted doing it. First, there was the job of trying to clean the original print head. That took about two hours of my time, not counting downtime for the printer. Then there was shopping around for a replacement print head, which took about another hour and a half. Then we have removing three print heads and installing two (remove original, install first replacement, remove first replacement, install second replacement, remove second replacement), each of which took about 15 minutes. Finally, there will be the time and inconvenience of taking the defective print heads to my nearest Amazon dropoff so I can get my purchase price back, which will be another half-hour. All together, that’s 5.25 hours, which would be up to $446.25 of billable time, if I were doing this for a client.

And there’s the rub, as Shakespeare might have said. Most inkjet printers aren’t worth $446.25. In fact, even with today’s inflation goosed, supply chain affected printer prices, most of you would be loath to spend more than $300 on a brand-new inkjet printer, much less $400+ to fix an old one. That’s why if you call to ask me to come and fix your printer, I will most likely tell you to just replace it. It’s not because I’m lazy or I feel that printer repairs are beneath me. It’s because I know from experience that trying to fix your printer will cost too much money with too little chance of success to be worth the attempt. In the end, you’ll spend less money and be more satisfied if you cut your losses and buy a new one.

My Email Was Hacked! (No, it wasn’t.)

Every two or three weeks, I get a call from someone who is sure their email was hacked. As the title of this post implies, in every case to date, I have found that their email was not, in fact, hacked, but there are a number of reasons why someone not thoroughly familiar with how the online world works might think otherwise. Note that just because someone’s e-mail wasn’t hacked doesn’t mean that a bad actor didn’t gain access to it. The purpose of this post is to help you understand how this actually happens and what you can do to protect your email account.

Hacking vs. Cracking

Let’s start with proper terminology: If someone gains access to your email account, or any other account or device you have, that isn’t hacking per se. “Hacking” means writing a short computer program for some very specific purpose. That purpose isn’t necessarily malicious. In fact, traditionally, it wasn’t malicious. Think in terms of “life hacks” featured in YouTube videos that show you how to soften butter faster for baking, or get wrinkles out of shirts without ironing, or build a mousetrap for less than $1.00. In the programming world, “hacking” is, quite literally, coding a hack, i.e., writing a bit of program code that solves a specific or unanticipated problem. For example, one of my clients depends heavily on being able to access data on a NAS via certain drive letters. Windows sometimes “forgets” those drive mappings, so I wrote a hack for them, in the form of a batch script, that re-establishes their drive mappings.

The proper word for breaking into a device or account is “cracking”.

Once upon a time, cracking usually involved hacking, although as you’ll see later in this post, that is usually no longer the case. Therefore, I’m going to use the words “crack”, “cracked” and “cracking” when referring to accessing someone’s account or device without permission.

How Can You Be So Sure That My Email Wasn’t Cracked?

The short answer is because cracking the security on email servers is hard, and crooks are lazy.

As I’ve said often, the days when people wrote malware, broke into computers and committed other online mischief just to get a thrill or show off or maybe find a job as a programmer are long gone. That’s not to say people no longer desire those things; it’s just that technology has provided more effective ways to get them.

Nowadays, people trying to get into other people’s accounts are usually trying to steal money. The attempt may be direct, like getting into someone’s bank account, or indirect, like using someone’s e-mail address to send out scammy spam mail that tries to bilk lots of people out of their savings. On rare occasions, the unauthorized access may be the work of an online stalker or cyberbully, but most of the time, money is the motive.

What nearly all modern cyber-criminals have in common is that they’re lazy and impatient. Getting good enough at cracking to breach logon security takes a lot of time, effort and money. That’s why I can be so certain that your email wasn’t cracked. Server software companies learned decades ago that as long as their logon systems were easy to defeat, there would be crackers breaking in, so they made logon systems among the toughest to crack. That’s not to say cracking them is impossible. If you’re enough of a celebrity or your work involves the sort of information that international spy organizations want, there might just be enough motivation for a bona fide professional cracker to break into whatever computer systems you use and get it. And if you’re one of those high-risk individuals, then I recommend you stop reading here and go find yourself a very high-level cybersecurity company to protect your digital assets. But the overwhelming majority of us aren’t worth that kind of effort, and the petty crooks and schnooks who want access to our accounts aren’t motivated, patient or capable enough to crack in.

But someone got into my email! If they didn’t hack/crack in, how’d they get in?

The short answer is that you gave them your email address and password.

Previously, I said that cracking into servers, particularly email servers, is too hard for most of us to be worth the effort, and I stand by that statement. But it’s very easy and inexpensive to trick people into handing over their account logon information, and so that’s what modern cybercriminals do. Here are the most common ways this is done:

Phishing

This is, by far, the most common method of stealing email passwords, as well as other kinds of account credentials, and even personal information. Since we started talking about people thinking their email had been hacked, I’ll pick on that. The perpetrator composes an email message intended to look as though it came from a popular email provider, such as Google (GMail), Yahoo or Microsoft (Outlook.com). The email will claim that your account has been compromised, that the company is cleaning up old accounts and you need to prove that you’re actually using yours so they don’t close it, or some other persuasive come-on to get you to click on a convenient link and log on. If you click on the link, it takes you to a web site that looks like your regular GMail, Yahoo Mail or Outlook.com logon page. And if you then type in your email address and password, it will add those to a list of email account credentials the crook has been collecting, then, most likely, pass you through to your real email account.

The reason you have no recollection of having been phished is because the crooks rarely make use of the addresses and passwords they collect. Instead, they collect them for awhile, then sell their lists on the so-called Dark Web, which refers collectively to shady web sites where stolen information is bought and sold. Whoever buys that list will eventually make use of your credentials, but that probably won’t happen until months after the phishing incident took place.

Malware

While less common than phishing, there have been incidences of malware being used to capture account credentials and report them via the Internet to a server-side program being run by cyber-criminals to collect them, either for their own use or for selling on the Dark Web. A number of data breaches reported by major companies in recent years were perpetrated by such malware.

The most difficult part of using malware to steal account credentials is getting the malware installed on a targeted computer. Computers running up-to-date versions of Windows or Mac OS have enough anti-malware software built right in to foil typical attempts to run malware on them. Some of the corporate data breaches of the last few years were perpetrated by insiders, who were employees who were disgruntled, bribed or new hires who were part of the cyber-criminal ring. In other cases, phishing or tech support scam pages were used to trick employees into turning off their computers’ antivirus software and installing them malware, or allowing a criminal to remote in using common remote control software to run the malware.

OK, so someone got into my email because they have my password. What do I do now?

If you still have access to the account, log into it right away, change the password and make sure your account recovery information, typically a cell phone number and an alternate e-mail address, is set so that you and only you receive account recovery and password change request messages. This will lock out the unauthorized person and any ‘bots sending out spam via your account.

And what can I do to prevent this from happening again?

The single best thing you can do to prevent an account takeover – which is what generally happens after your email account credentials end up in the wrong hands – is to turn on two-factor authentication (2FA), sometimes called multi-factor authentication (MFA). Doing this requires anyone wanting to log into your email to have physical access to a second device, usually your cell phone, in order to log into your account, even if they have your e-mail address and password. That, combined with making sure your account recovery information is up-to-date, makes your account extremely difficult to take over.

2FA/MFA works by either sending a message to your second device anytime you want to log into your email, or by requiring a code generated by a smartphone app, such as Google Authenticator. It’s a minor inconvenience, but one well worth bearing, as it makes an account takeover almost impossible.

2FA/MFA is fine for people who access their email via a web browser, but it was a tough sell for those who use 3rd party email client software, such as Windows Mail and Mozilla Thunderbird, as it locked those programs out. Fortunately, 3rd party email clients have evolved to work with 2FA/MFA or their alternatives. For example, Mozilla Thunderbird can display a GMail logon page, and it is also designed to work with the Oauth2 protocol that GMail uses to allow 3rd party software to work with it.

But it’s so convenient to use the same password for more than just email. Is there anything else I can do to foil phishing?

YES!

For starters, get a password manager that will store your passwords invisibly and securely, will fill them in for you whenever you need to log into something, and can be shared among your computers, phones and tablets. That way, you can have the convenience of just remembering one password – for your password manager – without putting your email and other accounts at risk. Lebowitz IT Services is pleased to offer LastPass subscriptions on a monthly basis to our clients.

For our corporate clients, we also offer MailAssure, a world-class, managed anti-spam system. Anti-spam systems treat most phishing attempts as spam. We also offer Ironscales, another managed solution that targets phishing attempts that get past your anti-spam solution and quarantines it.

Finally, learn to recognize what phishing looks like. Remember the old refrain, “But I read it on the Internet — it must be true!”? Internet access has been commonplace for over 20 years now, but surprisingly, there still people who believe that. Phishing depends heavily on that mindset, or at least on the reader’s unwillingness to think critically about what’s on the screen in front of him. If the e-mail message has a Fifth/Third Bank logo in it, then it must have come from Fifth/Third Bank, right? Well, wrong, actually!

I’ve read many articles that talk about telltale signs that can help you recognize phishing attempts. A logo that doesn’t look quite right or doesn’t match the name of the company that the message purports to be from are two such signs. Misspellings, poor grammar, circumlocutions and stilted wording are others. An email domain name that doesn’t look like the company’s domain name is yet another sign, as are URLs that don’t look anything like the company’s domain name when you hover your mouse pointer over links in the message. But all these require attention and a bit of technical knowledge that not everyone has, and many people don’t have the English skills to spot misspellings and grammar mistakes.

So, is there anything that can tip you off to a phishing attempt even if you didn’t ace AP English or have a degree in Computer Science? Absolutely.

Start by looking at the name of the company the message is supposed to have come from. Have you ever had an account with that company, or done business with them in any capacity? You’d be surprised how many people don’t ask this basic question. If you receive a message saying your Yahoo Mail account is going to be deleted if you don’t log into it *right now*, and you can’t remember ever having a Yahoo Mail account, that’s a sure sign of a phishing attempt. If you receive a renewal notice for McAfee or Norton security software, and you have no recollection of ever buying their software, then the message is most likely a phishing attempt. If you need more evidence, hover your mouse over each icon in the “hidden icons” section of your Taskbar Notification Area. If you don’t find a McAfee or Norton icon there, then you aren’t using their software, and the message is most likely a phishing attempt.

Another question to ask yourself is, “Why would this company send me this kind of message?” Since we’ve been talking about email account cracking and takeovers, let’s pick on GMail. GMail is Google’s email service. Google is a company that has long been accused of keeping too much information about everybody. How much information is too much, what kind of information is appropriate for them to keep, and even whether or not this assertion is true are beyond the scope of this article, but if you accept it as fact, then why would Google need to ask you to log into your GMail account *right now* to confirm that you’re still using it? (I’m just going to let that one sink in for a moment. How is it that the same people who believe Google tracks what they ate for breakfast this morning can be tricked into thinking that Google doesn’t know when they last checked their GMail?)

Finally, think about the propriety of using email, which is generally a non-secure, easily faked means of communication, to reach out to someone whose account has been flagged as problematic. The majority of companies know better than to do that. What they do if their internal checks detect something amiss about your account is they lock your account and simply wait until the next time you try to log in. When you do, they display a message saying that your account is locked and why, and then they direct you to a page where you can take whatever action is appropriate, such as changing your password or contacting Customer Service. So, if you receive a message in your email that notifies you of an account problem, particularly if it includes an all-too-convenient hyperlink to a web form, that’s probably a phishing attack.