I am receiving identical emails with the same virus. Only the senders name is changing each time. Is it possible that it's coming from the same source and the identity is being changed? And if so, how can I track down the sender?
Well, with viruses being what they are, an being as pervasive as they are, it is quite possible that they're coming from the same source.
But it's also just as possible that they're not.
•
Some classes of virus do exactly what you describe: they randomly change the "From:" attribute of the mails that they send. They'll typically infect someone's machine, and raid their address book, using the addresses therein for both the "To:" line, to propagate the virus, and the "From:" line to obfuscate the source. Occasionally they'll also use the "Bcc:" line to confuse things even further - you suddenly get mail that's sent to someone else and your email address doesn't appear on it at all.
But the other scenario is also possible. Viruses tend to attack in waves. Particularly when a virus is new, and the anti-virus products haven't been updated to detect it, it can infect a large number of machines quickly. In this case you might well receive the same virus-laden email from several different sources in a short period of time.
Tracking down the source of either tends to be difficult, since spammers and virus writers these days go to great lengths to obfuscate that information. You can look at the raw email headers (how to get at them varies depending on your email client) and often see the path that the email took from machine to machine on its way to you. That may help some, but it often only leads to a general idea, such as "an ISP", rather than a specific individual or machine. It can be done, but it's not really easy to track all the way to the source.
My advice: delete 'em & carry on.
Related:
-
Ask Leo! - Someone's sending from my email address! How do I stop them?!
-
Ask Leo! - How do I figure out who owns an IP address?
Article C2342 - April 27, 2005