Apple ID linked devices – which device was used to make malicious calls?

Discussion in 'iPad Tips, Help and Troubleshooting' started by bluestapler, Nov 3, 2013.

  1. bluestapler macrumors newbie

    Joined:
    Nov 3, 2013
    #1
    scenario:
    • lots of iPads are linked by having the same Apple ID (ie the same email address)
    • one of the iPads is used (by person ‘A’) to facetime a friend of A’s’s iPhone 4
    • the email address from the iPad is added to A’s contact details in the iPhone
    • iPhone later facetimes A back but A is unavailable….
    • …as the ipads are linked by having the same Apple ID, they all ring out and the call is answered by someone else in the group, called ‘B’. iPhone hangs up. Neither A nor iPhone were previously aware that all the ipads were linked or the ramifications of this
    • iPhone later receives imessages sent from the email address, thinking it is A, a conversation ensues
    • further imessages - now malicious ones - received on the iPhone from the email address (the messages were not sent from A!). The messages appeared on all of the iPads and all users were instructed to delete the messages.

    Is it correct to say that A’s iPad won’t show a missed call because it was answered by another device i.e.B?

    Because B answered the call from iPhone, has B then captured iPhone’s contact details?

    Is it possible that iPhone’s contact details were captured by another party who happened to be connected to B at the same time

    Most important question is: Is there a way to find which iPad was used to send the message (mac address history maybe??) i.e. who is B? :(
     
  2. Night Spring macrumors G5

    Night Spring

    Joined:
    Jul 17, 2008
    #2
    Not sure I follow this scenario you describe, but I know that when a new device is added to an iMessage account, I get an email notifying me, plus the next time I use any of my other iDevices (the ones other than the newly added device), I get a popup saying something like "device X was added to your iMessage account." It is pretty annoying because I have to keep dismissing the same message over and over, with each iDevice and with each Mac that I have. So I think it'd be hard to miss when iMessage is added to another device, unless you have very few devices attached to your iMessage account to begin with.
     
  3. bluestapler thread starter macrumors newbie

    Joined:
    Nov 3, 2013
    #3
    My query is not trying to find out when a new device is added to an iMessage account, but to find if there is a way to trace from which of the devices signed up to that iMessage account was the originator of the malicious messages.

    Perhaps it would help if I said that all of the iPad devices are signed up to the same iMessage account because of work connections only, but each is in the posession of unrelated individuals.

    Does iMessaging leave a mac address trail in the same way that, say, an email or SMS would?

    If so, would that trail show up on the iPad and/or the iPhone if either were to be forensically examined?
     
  4. Night Spring macrumors G5

    Night Spring

    Joined:
    Jul 17, 2008
    #4
    Well, my thought was this problem could have been prevented before it happened if you had been paying attention to new devices added messages, and removed the unauthorized device from the account immediately.

    If it has already happened, I have no idea if you can trace which device sent which message. If you really need an answer, perhaps you should try calling Apple support.

    I think this also proves why it's a bad idea to have different people sharing a single iMessage account. Each person should have their own account, period.
     
  5. bluestapler thread starter macrumors newbie

    Joined:
    Nov 3, 2013
    #5
    Thanks Night Spring for taking the time to reply. I agree that each person should have their own account.

    Unfortunately it has already happened. Neither the iPhone owner, nor their friend 'A' with the iPad were aware that there were several devices using the same ID before the incident.

    It transpires that all the iPads were distributed to employees, apparently set up with the same ID to aid mass messaging to each employee.

    It is not a case of unauthorised devices being added, the problem is: which of the authorised devices sent the malicious iMessages?
     

Share This Page