CIS Home > Security > Desktop Security > Forged Email

Forged Email Messages

Many people at WHOI have received messages from 'postmaster' and 'virus detection' accounts at other institutions which state that a message from their whoi.edu account contained a virus. Chances are very good that no such message was sent. Please read on.

If someone with whom you correspond gets a worm or virus on her/his PC, then your email address may be forged in an outgoing message from that infected machine.

A virus, once it has infected a PC, will go through the infected PC's address book, documents, etc. to find email addresses to send itself out. What these viruses will often do is send itself out from the infected PC using a different email address than the one it is actually coming from. Your email address may have been picked up from an address book or past email from someone who got infected by the virus. The virus, in turn, is sent a message to the mail server (that responded back to you) in your name. Since the message looks like it came from your email account, the intended recipient's mail server blocked the message and sent you the reply back. Regarding these specific messages telling you that you have a virus, you can just ignore them. Recently with the increase of email viruses such as SoBig, these "bounced" messages from other organization's mail server have been
causing problems for everyone on the Internet.

To be on the safe side, if you are running a Windows operating system, perform a full system scan of you're computer (This at the least should be done weekly.). If you are running any operating system other than Windows, don't worry about these messages.

Keep your virus definitions up to date, Please.