Quote:
Originally posted by mardigras
It's likely not your computer is sending the mails. These worms collect e-mail addresses from many sources not only to send messages to but to randomly lie about the return address. Same computer using your address as a return address is probably sending messages from a multitude of other addresses.
You can't catch a "guilty party" because they aren't doing it intentionally. Best you might hope for is to alert a service provider that one of their users is infecting others.
|
This is the first thing I thought of.
Plenty of viruses do this and it is not done intentionally by anyone, other than the original virus writer. Who gets put in the FROM field can be totally random, depending on what is in the infected computer's internet cache or address book.
Just one example:
http://www.bullguard.com/antivirus/vi_klez.aspx
Klez also has the ability to spoof the email "FROM:" field. The sender's address used by the virus may be one that was found on the infected user's system. Thus, it may appear that you have received this virus from one person, when it was actually sent from a different user's system. Infected machines have the ability to send out spoofed email using a fake "FROM:" address. Doing so makes it appear that a user sent a viral email when, in fact, the infected machine is sending out such messages. This situation adds to the confusion in tracing the real infected culprit, and complaints are often generated because of these spoofed "FROM:" addresses.