From: Steve Pope on
This is likely the address book having been hijacked as the OP
suggested. If this is true, there are two possibilities: the
malware got into the target computer and used the address book
to send spam emails from that computer; or the malware actually
uploaded the address book into the hands of hackers, after which
(perhaps after being traded around) it was used to send the spam.

Steve
From: David H. Lipman on
From: "Richard Oliver" <R.Oliver(a)Spam.co.za>

| Thank you Dave,but could you please explain how that would be done ?
| Regards,Richard

It doesn't have to be malware related to you or your son.

It could be that his email address was in a distribution list and was then harvested.
Once the address was harvested it was then used to in an a spam email pretending to be
him.


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp


From: Richard Oliver on
Thanks very much Dave , I now realise that my son does in fact forward
mail that he receives without removing the addreses. Much
appreciated,Richard

On Mon, 26 Jul 2010 17:13:38 -0400, "David H. Lipman"
<DLipman~nospam~@Verizon.Net> wrote:

>From: "Richard Oliver" <R.Oliver(a)Spam.co.za>
>
>| Thank you Dave,but could you please explain how that would be done ?
>| Regards,Richard
>
>It doesn't have to be malware related to you or your son.
>
>It could be that his email address was in a distribution list and was then harvested.
>Once the address was harvested it was then used to in an a spam email pretending to be
>him.

From: Bob L on
On Tue, 27 Jul 2010 08:41:00 +0200, Richard Oliver
<R.Oliver(a)Spam.co.za> wrote:

>Thanks very much Dave , I now realise that my son does in fact forward
>mail that he receives without removing the addreses. Much
>appreciated,Richard
>
>On Mon, 26 Jul 2010 17:13:38 -0400, "David H. Lipman"
><DLipman~nospam~@Verizon.Net> wrote:
>
>>From: "Richard Oliver" <R.Oliver(a)Spam.co.za>
>>
>>| Thank you Dave,but could you please explain how that would be done ?
>>| Regards,Richard
>>
>>It doesn't have to be malware related to you or your son.
>>
>>It could be that his email address was in a distribution list and was then harvested.
>>Once the address was harvested it was then used to in an a spam email pretending to be
>>him.


I put a lot of blame on the authors of the e-mail programs, all
multple "To"s should automatically be changed to BCC and e-mails with
multiple e-mail addresses in the body, should have the program warn
about the possible implications.

Rest of the blame is on the users of the e-mail programs. Too lazy to
do it in the safest way.