I’ve seen quite a few very nice bits of social engineering in email viruses lately, including things like a faked From: email@example.com, but the very best I’ve ever seen just arrived:
Subject: Undelivered Mail Returned to Sender
There were errors processing you mail. Please, read detailed information in the attachment
with an attachment named error.hta. Very nicely done. Of course, that’s MAILER-DAEMON@yahoo.com, the grammatical errors in the body grated on my one remaining nerve, and you and I are probably in a tiny minority actually knowing what an .hta really is, and why we’re not about to look at one. Still, very cunning bit of work, and if they’ve got a good enough payload, I predict a nice run for whatever it is (after all the Klez-related hits I got during it’s first outbreak, even if I had bothered to search for a name for it, I wouldn’t be posting it).