Here at work we’ve been watching bouncebacks flood into an email inbox, apparently triggered by the recent spread of Sober.p. The bouncebacks are coming from virus-laden emails heading out to the world with fake “From” addresses…in this case, that particular email address.
Now, given the fact that we use this address primarily as an internal address inside a small, secure, virus-protected network, don’t publish it, and have only used it to communicate with a few relatively computer-savvy people, it bothers me that even the few machines where it is likely to exist outside our network are still vulnerable to this sort of thing. Email viruses have been well publicized for around a decade. Why — given the fact that this one doesn’t even look like a real message from us — are people still clicking on the attachments?!? Shouldn’t we be making the virus writers work harder now? :|