Let's be honest here. If I wanted to make it look like your mother sent such an email, all I need is her email address.
Then I can use any common method to "spoof" that it came from that address and then use the Reply-To field in the spoofed email or just send bogus links or even malware.
As long as she is using email, there is a risk someone without ethics can use her email address.
she has fallen prey to the infamous yahoo email hack where someone is emailing all her friends saying she is in a foreign country and needs money quick to get home.
I have no clue how this hack occurs. I am assuming she got phished but don't know how to help her cure the problem, other than changing her pass word.
she is running a macbook pro with snow leopard (I don't know if software is up-to-date).
I'm running over to her house tomorrow to see what I can do. in the mean time, I'm headed to my evening job and won't be back until 10:00 am tonight so I can't give y'all more details than this right now (I told you as much as I know).
I will say this. Her password was fairly good, with a mix of upper/lower case and an unusual phrasing including a number. This is why I'm assuming she got phished.
Thanks folks, for any help.