Update: 1/23/2012 - Since I don't work for Apple any more, I have made this rant un-private. It's a funny story. My apologies if Mr. Lawyer finds out and his feelings are hurt.
I'm surprised I didn't get any shit about this on Facebook or whatever. Usually, people try to call me out whenever something goes wrong with Apple. The general line of thinking, I guess, is that since I work for them I must be a fan boy. I'm not. It's a paycheck. A good portion of my day, however, is spent dealing with this Mac Defender shit.
People fall for this crap.
Sorry to bust the world's bubble but Apple zealots don't have things like this happen to them. Stupid Americans who bought a Mac because their neighbor got one and now their kids won't shut up about it have things like this happen to them. It's part of a bigger problem, one I call click-through (despite its appearance outside of the tech world), and human beings are chock fucking full of it. College-educated people fell for this. Here is the play-by-play:
- John Smith is searching Google for images of Mauritania.
- Due to SEO poisoning, John Smith unwittingly clicks on a page with what seems to be pertinent information.
- Suddenly, a window pops up on John's computer that looks vaguely like a generic Finder window. It starts rattling off information about viruses, and text starts blinking everywhere.
- A prompt comes up telling John that it's going to install MAC Defender. Spelled just like that. MAC Defender.
- John, despite having bought a Mac because they don't get viruses, tells it to download.
- As with all software, the MAC Defender requires John's password to install. He provides it.
- MAC Defender loads with the screen you see above. It has obnoxious overlays like in the upper right. MAC Defender brings up a list of viruses that his computer is infected with.
- When John tries to remove the viruses, the program says he needs to register and requires credit card information. He provides it.
- The program either claims to have removed the viruses or claims the credit card information is invalid, then John notices that pornographic web sites randomly begin popping up on his screen.
- At the Apple Store, John is told it's a fake program and to call his credit card company. He explains that he trusted the program because it said MAC. Spelled just like that.
The people behind this actually made an updated version of it after Apple responded so it no longer needs a password to install (it goes to the user's Applications folder as opposed to the system one) but it's still the same steps. There's so much ignorance here:
- At no point in the history of Mac OS was there ever blinking text.
- You bought a Mac because they don't get viruses.
- The program spelled MAC with all capital letters.
- The program came up, unasked.
- The program asked for credit card info. In some cases, it said your perfectly fine card was declined and you possibly put in more credit cards.
All of this is prompted because someone I helped today took 45 minutes to realize he'd been scammed. He came up and told me about how he had a virus making porn pop up on his machine and his credit card wasn't working. I saw MAC Guard (the name it's currently running under). I said the following: "Ahh, it appears you've been a victim of the Mac Defender scam. Good news: You don't have a virus. I am going to just remove the program. Since it's a scam, you will need to call your credit card company and let them know you've been a victim of fraud."
His response to me was that none of his cards worked and he was really worried that Apple had a problem with its servers. I said, "Since it's a scam program, not made by Apple, I wouldn't be surprised if it told you your card was declined. I'm sure your cards were fine, but if you put them in you have to call the companies and get new cards."
He then asked me why it would decline them if his cards were okay. A little confused, I said, "Again, it's not a legitimate program. It probably just told you the cards were declined so as to get more card numbers from you." He saw me delete the program and asked why I was getting rid of it. "Since it's not made by Apple and it's causing the pornographic web sites to pop up on you, I have to remove it. If I leave it, it's going to keep bringing up the sites and the annoying windows telling you the computer is infected when it isn't."
He nodded and I finished up by restarting to make sure it was gone. So I said, "Just make sure you call your credit card companies. The scammers can make all kinds of fake purchases until you alert the issuers." He asked if he could check some email and since it wasn't particularly crowded I said okay. He sat there for 30 minutes while I helped a few other people and then indicated to me that he was ready to go. I thanked him for his visit and said my fond farewell stuff. His question: "So how exactly do I pay for this?" I explained that anything we do at the Genius Bar is free. He then replied: "No no, I mean the Mac virus program. How do I pay for it? Do you take the payment?"
I made sure to enunciate as clearly as possible here: "There is no payment because the program that was telling you that you had a virus was asking for the payment and it is not a genuine program. So for whichever cards you tried to use, you will have to call the issuers and let them know you gave your card information to scammers." His response floored me: "If it's not a real program, though, why does it say Mac?"
I almost didn't have an answer that didn't insult his intelligence but finally came up with, "There's nothing stopping anyone from making a program and calling it Mac something."
His equally confounding response: "So you got rid of the viruses, then?" To which I said: "You didn't have any viruses. That was a lie. The program was using scare tactics to get you to put in your credit card information."
And, finally, wave of realization. "So people maliciously got ahold of my credit card information?"
YES! After chatting with him just a little more, post-realization, I got out of him what he does for a living. Senior partner at a law firm.