Tom and Rohan Another possibility is that the virus is smart enough to know that you're on a list (it's probably looked at the email in the inbox for addresses and discovered your name in the header along with information about the insights-l list.).
As far as spam bound virii are concerned, lists are very attractive (a single email can potentially infect hundreds of people), so having discovered that tom is a member of a list, it's may find this an attractive option for forwarding itself. Of course, given that most lists need you to be a member to post, it's got to use tom's address or it's not going to have any luck sending to the list, so simply spoofing a different address each time isn't going to make sense. (this is just an edumacated guess!) Rodd On Tue, 2004-08-10 at 12:11 +1000, Rohan Pryor wrote: > Tom, I think it means that your email address is on lots of infected > computers, which could either mean (a) you've got a bunch of dodgy > friends/associates who are more prone to virus infection, or (b) you've got > a large bunch of friends/associates. > > Regards, > > Rohan > > Rohan Pryor > Manager, Information Technology Services > Synod of Victoria and Tasmania > Uniting Church in Australia > > Email: [EMAIL PROTECTED] > Ph: (03) 9251 5243 > Fax: (03) 9654 4110 > Website: http://vic.uca.org.au > > -----Original Message----- > From: Tom Stuart [SMTP:[EMAIL PROTECTED] > Sent: Tuesday, August 10, 2004 11:53 AM > To: 'Insights-l' > Subject: Emails carrying virus supposedly from Tom > > Grrrrr! I apologise to everyone for constantly getting email containing > viruses with my return address on it. One of the Insights listee's helped > me by studying the header (the technical hidden stuff) of one of these > emails and made it abundantly clear that these virus laden messages are not > from me. > > > > Why they have my address on it almost ALL the time has me flummoxed. > > > > Tom > > > > _____ > > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Tom > Sent: Tuesday, 10 August 2004 11:31 AM > To: Insights-l > Subject: [virus Win32/Bagle.gen.zip worm] Re: > > > > Screen > > > Password: > > > > __________ NOD32 1.837 (20040810) Notification __________ > > Warning: NOD32 antivirus system found the following infiltrations in the > message: > foto1.zip - Win32/Bagle.gen.zip worm - deleted > > http://www.nod32.com > << File: ATT00019.html >> << File: image001.jpg >> > > ------------------------------------------------------ > - You are subscribed to the mailing list [EMAIL PROTECTED] > - To unsubscribe, email [EMAIL PROTECTED] and put in the message body 'unsubscribe > insights-l' (ell, not one (1)) > See: http://nsw.uca.org.au/insights-l-information.htm > ------------------------------------------------------ ------------------------------------------------------ - You are subscribed to the mailing list [EMAIL PROTECTED] - To unsubscribe, email [EMAIL PROTECTED] and put in the message body 'unsubscribe insights-l' (ell, not one (1)) See: http://nsw.uca.org.au/insights-l-information.htm ------------------------------------------------------
