By using double or hidden file extensions more malicious viruses were able to wreak havoc on end users computers through email. After learning that not all file attachments could be trusted and then being further duped into executing malicious files anyway through hidden file extensions, users learned not to open attachments in emails that weren’t from someone they know and trust.
Malicious code writers quickly alleviated that problem by creating the viruses so they would propagate from users known by the end user. The viruses would read all of the addresses in a user's address book and send itself to all of them thereby looking as if they came from someone known.
One problem with this method when it comes to wanting your virus to spread as far and as fast as possible is that the user who receives an infected email from a friend can simply call that friend and let them know they are transmitting a virus. Then that user will disconnect their computer from the Internet, clean the virus up and there will be one less computer to propagate the threat.
Email spoofing is used by virus writers to get around this little problem. The virus will still scan various files on the infected computer to look for addresses to send to- email address books, the Windows address book, email in the users inbox, or sent mail box, and even HTML pages cached on the computer. But, rather than sending the email “from” the infected user, the virus will also randomly select an email address to forge as the “from” address.
When the email is sent the recipient may detect that it is infected and contact the user that allegedly sent it only to find out that the email did not really come from them. On a simple level, it is possible to simply configure your email account so that the name and email address associated with it belong to someone else. When you send a message it will show up with the name you tell it to and reply to the email address you specify. Because this information is so easy to fake it can’t be relied upon.
The bottom line with email is to be careful. Always run antivirus software and ensure that it is kept up to date with the latest virus files from the software vendor. Equally, or more important, keep your system patched against known vulnerabilities. The major virus and worm threats of the past couple years have exploited vulnerabilities for which patches were available for months. If all users would have patched when the patch became available the virus or worm would have been powerless.
Think twice about executing file attachments to email- consider the source and the message body and the file attachment type and if you are at all suspicious contact the alleged sender to verify the reason for the attachment before opening it. Watch out for broken English and message bodies that don’t make any sense. Also beware of claims that Microsoft is sending you a patch or that Intel is writing to let you know about the next great virus. Microsoft sends out bulletins, but never emails the actual patch as an attachment and Intel isn’t in the business of detecting or alerting users about viruses. Clues like these should tell you that the message is either a hoax or it’s a virus and in either event you should simply delete it and go about your day.