A common pattern in the way
Worms and one tactic Spammers employ is that they send mails which have
spoofed from address. This means that the from address you see in the mail
is not actually the address from which the mail originated.Worm when it
infects a PC, makes a list of all e-mail addresses found in the infected
machines address book, html pages, or any other file is searched and a
list is made by the worm. Then it chooses one 'from' address and another address as the 'to'.
The person whom it supposedly come from, may not know about the mail at
all.
Spammers
follow similar procedure so that the source of the spam is hidden, bounced
back message goes to spoofed addressee, and spoofing also allows spammers
to avoid negative publicity.
Strange
Bounced Mail; when the mail is sent to someone fraudulently with your
from address and if for some reason that mail could not go through, it gets
bounced back to you. This is how you get undeliverable message for mails which you
haven't sent. Mail may be getting returned due to over quota or
because server detected virus in the mail.
Affect of spoofing by Virus/Worm: a worm triggered and spoofed mail
wont be sending you cakes. Most often they come with a mail which carries
the worm code itself to start work in your PC. If your network or your PC
does not have effective antivirus in place, you are sure to get infected
and start infecting others.
How to Investigate and find out: currently there is
not much you can do to prevent address spoofing excepting the normal
spam filtering. Your address
can be inserted by someone as their from address very easily in their
e-mail program. In future, the senders domain name may be verified
automatically by the e-mail server trafficking the mail to ensure that the
sender actually is the sender it claims. This technology is in the process
of being perfected and may offer a solution.
