senders name is changing each time. Is it possible that it’s coming from the
same source and the identity is being changed? And if so, how can I track down
Well, with viruses being what they are, an being as pervasive as they are,
it is quite possible that they’re coming from the same source.
But it’s also just as possible that they’re not.
Become a Patron of Ask Leo! and go ad-free!
Some classes of virus do exactly what you describe: they randomly change the
“From:” attribute of the mails that they send. They’ll typically infect
someone’s machine, and raid their address book, using the addresses therein for
both the “To:” line, to propagate the virus, and the “From:” line to obfuscate
the source. Occasionally they’ll also use the “Bcc:” line to confuse things
even further – you suddenly get mail that’s sent to someone else and your email
address doesn’t appear on it at all.
But the other scenario is also possible. Viruses tend to attack in waves.
Particularly when a virus is new, and the anti-virus products haven’t been
updated to detect it, it can infect a large number of machines quickly. In this
case you might well receive the same virus-laden email from several different
sources in a short period of time.
Tracking down the source of either tends to be difficult, since spammers and
virus writers these days go to great lengths to obfuscate that information. You
can look at the raw email headers (how to get at them varies depending on your
email client) and often see the path that the email took from machine to
machine on its way to you. That may help some, but it often only leads
to a general idea, such as “an ISP”, rather than a specific individual or
machine. It can be done, but it’s not really easy to track all the way to the
My advice: delete ’em & carry on.