Apple support to infected Mac users: “You cannot show the customer how to stop the process”


Mac Defender fake security popupsZDNet writer Ed Bott has posted the latest instructions to Apple tech support personnel regarding users calling in with active fake anti-virus “MacDefender” infections.

Bott says he acquired the documents by talking with two anonymous Apple support representatives about how Apple is coping with the first widespread attack against OS X users. According to his sources Apple has received an estimated 60,000 tech support calls related to the infections.

It has been encouraging that many Apple customers have been taking this attack seriously and taking preventative measures like installing our free anti-virus program for OS X.

Apple is apparently telling support reps to tell customers:

“Apple’s [sic] doesn’t recommend or guarantee any specific third part [sic] anti-virus protection over another. However I can suggest several third party virus protection programs that you may want to consider researching to find the best one for your needs.”

But they still have their heads buried in the sand when it comes to assisting their customers. The memo, acquired from an outsourced support company, says:

Screenshot of leaked Apple memo

“Things you must never do according to the client [Apple].”

  • You cannot show the customer how to force quit Safari on a Mac Defender call

  • You cannot show the customer how to remove from the Login items.
  • You cannot show the customer how to stop the process of Mac Defender in their Activity Monitor.
  • You cannot refer the customer to ANY forums or discussions [sic] boards for resolution (this includes the forums)

Apple’s famous PR savvy apparently doesn’t apply to handling security incidents. It is genuinely tragic that such a large number of OS X users are falling victim to this scam, and Apple’s response is less than helpful.

You could argue that Apple created this false sense of security through their marketing and advertisements suggesting Apple users are immune to security threats. Now that some of their flock are affected, it would be good of them to at least point people in the right direction.

Many journalists have asked me in the last few weeks whether this is being hyped by the anti-virus business. Are real people being impacted? Judge for yourself… Apple’s reaction says more about the problem than I can possibly explain.

Regardless of platform we all need to be safe with the choices we make on our computing devices, whether we use tablets, Linux, Windows, OS X, or Android. When enough people let their guard down they are easy targets and criminals will take advantage of the lowest hanging fruit.

Until next time… Stay secure.