W32/Sobig.F wants me to go to college

I’ve been watching a steady stream of virus emails and bounce messages crowd into my Inbox all day today thanks to the W32/Sobig.F worm. Sobig is polymorphic (in the simplest sense) and spreads by mass-emailing itself to people in your address book or Internet Explorer cache. In addition, it forges the “From” address of the emails it sends, making it look like the email is coming from a randomly-chosen address. Unfortunately, since those “From” addresses are pulled from the browser cache, my email address (which has been all over the web for years) seems to be a pretty popular choice. The result is that whenever any mail server with a virus scanner catches a message sent by the Sobig worm using my address in the “From” field, the bounce message gets sent to me.

I’ve received quite a few messages today from the lclark.edu domain, but the latest one takes the cake. It’s an automated response from the Graduate School of Education at Lewis & Clark College thanking me for my request for enrollment information. W32/Sobig.F wants me to go to college and be a teacher.