Spoofed identities: virus, spam or scam?

Identification is becoming increasingly problematic in the halls of smoke and mirrors we call 'cyberspace'. The identity question raises its head in the context of the origin of mass-mailing viruses and worms, the relentless avalanche of spam, electronic identity theft, Internet fraud and cybersquatters. How do we recognise and respond to e-mail address spoofing? How should we react to the evil spammer? Why must we remain vigilant in defence of our financial details and what is our recourse in the event of identity theft and fraud? How we choose to resolve these issues could determine our future freedom of use of the Internet, and a clearer understanding should allow us to navigate safely some potentially hazardous waters ahead.

Faked sender addresses are not a new phenomenon, but over the last six months this characteristic seems to have become the norm. Of the last six worms to have appeared in significant numbers on the scene recently (Sobig.C, Bugbear.B, Sobig.B, Fizzer.A, Ganda.A, Gibe.B and Yaha.P), all spoof the senders name and/or address. By far the greatest culprit in this respect has been the infamous Klez.H. It searches for e-mail addresses in the Windows address book and also in files with the extensions TXT, HTM, HTML, WAB, ASP, DOC, RTF, XLS, JPG, CPP, C, PAS, MPG, MPEG, BAK, MP3 and PDF. The 'From' address can be either one of the addresses found in this search or one selected from a list inside the body of the worm.

http://www.biosmagazine.co.uk/op.php?id=72