spoof virus emails

[Brendan Burgess]

A friend of mine got an email with a virus which appeared to come from me. He is in my address book.

Is it possible that my security has been compromised or is more likely a spoof email? Is it just coincidence that he got an email which appeared to come from me?

I get spoof emails all the time, from what appear to be genuine people. I delete them if there is an attachment, especially if I don't recognize the sender. Presumably, I will eventually get a "spoof" email from someone whose name I regognize.

We are both in the email address book of a third party, who may not have his virus protection up to date. Could his address book have been attacked by a virus which extracted both our names?

Brendan

 

[demoivre]

Sounds to be like you could have Worm.Zafi.B.
I got it last July having received an e-mail from my brother who would be a trusted source. The worm manifests itself by sending multiple e-mails to everyone in the the address book of the affected computer unknown to the alleged sender.

 

[ClubMan]

It's quite possible that somebody has a virus that generates emails to a third party that purport to be, but are not actually, from a particular address (e.g. Brendan's) even if the latter person's security has not been compromised. For example, if I get a virus and have Brendan's email address in my address book then the virus could create an email purportedly from Brendan's address. It may even send such emails to all the other people in my address book such that the faked email will look legitimate to some or all of the people stored in my address book. And Brendan may get the blame! The person who received the email should try to view the raw headers of the message to see where it came from and to ascertain if it actually came from Brendan's address/account or from somewhere else. Ideally they should do this without opening the email (e.g. save it to disk and open it in its raw form if possible) but they've probably done that already.