I have a domain so I when registering I always use the site as the “name”@XXX.XXX so I can tell who sold my email for bulk mailing.
Recently I have recently received literally a hundred emails to my Tech Republic email (techrep@XXX.XXX) regarding “password change”. They all have the w32/sober.j@MM viral attachment, and the body is like so (from the most recent):
From: hostmaster@cuseeme-channel.com
Date: 6 Dec 23:54 (PST)
To: TechRep@XXX.XXX
Subject: Re: Registration confirmation
