Today I got tons of e-mail messages in my GMail account purported to have come from none other than my wife from, well, none other than her gmail account. Initially I thought they came from somebody else’s machine which had been infected with some virus. Unfortunately, the arrival of these virulent messages coincided with her notebook being online. The strangest thing is she has got Trend Micro OfficeScan running on her notebook. The same virus scanner would quickly identify the payload of the messages to contain the WORM_NYXEM.E worm when I used the ‘Show Original’ button on GMail.
Another thing I don’t understand is GMail is supposed to scan attachments on incoming messages for virus. I suppose the virus scanner GMail uses doesn’t know about this virus yet? Impossible!
Also, GMail should be able to easily identify that the messages’ sender identity has been spoofed. GMail seems to be supporting SPF (Sender Policy Framework) and it should be able to identify the originating addresses of the messages as not coming from its machines.