A friend sent the following. To me, it seems a bit simple but, who knows? Does this sound like it would be effective?

"As you may know, when/if a worm virus gets into your computer it heads straight for your e-mail address book, and sends itself to everyone in there, thus infecting
all your friends and associates. This trick won't keep the virus from getting into your computer, but it will stop it from using your address book to spread further,
and it will alert you to the fact, that the worm has gotten into your system.

Here's what you do: first, open your address book and click on "new contact", Just as you would do if you were adding a new friend to your list of e-mail addresses.

In the window where you would type your friend's first name, type in 1aaaaa. Also use address 1aaaaa@a.aaa

Now, here's what you've done and why it works:

The name 1aaaaa will be placed at the top of your address book as entry #1. This will be where the worm will start in an effort to send itself to all your friends.

But, when it tries to send itself to 1aaaaa, it will be undeliverable because of the phoney e-mail address you entered.

If the first attempt fails (which it will because of the phoney address), the worm goes no further and your friends will not be infected."

Fifteen years ago something like that might have deterred some primitive viruses but malware developers blew past that primitive approach in a matter of months and quickly learned to search not only the address book but also scan for email addresses contained in any file. According to recent statistics on the types of Malware prevalent that type of exploit is almost never found in the wild in 2020.

Good to know. Thanks. Here’s why the suggestion was sent to me:

I am a volunteer executive with a pensioners association and received an email that, at first glance, appeared to be from our President. In the From section, the email had his name but his address was wrong.

Using my first name, which is NOT in my email address, the email was looking for a response from me: “Are you available to talk? Let me know.”

So, I called the President and, sure enough, he had not sent the email but he recently had problems with email while setting up a new computer (Windows).

Soon after, we learned that others on the executive received similar emails, purporting to come from the President.

I assume that, if I had simply responded to the original email, I would have been confirming that my email address and name were valid. So, I guess, the bottom line is always to be vigilant.

Quick question: In this case, is it most likely that the President’s email issue was the culprit? Or could it simply have been any one of the executive, who’d all have the same list of recipients?

It could have been anyone who had a copy of the list anywhere on their computer. I could just as easily come from another email to that contact list. It could also have been from a message that was intercepted somewhere in transit. I said that type of malware is quit old and relatively uncommon these days but that does not mean that it isn't out there in the wild.

You can get a better idea of what is going on by submitting the email to an Email Header Analyzer but first read this tutorial. I have a long list of such tools so if that one doesn't help, just let me know.

Thank you. It raises one more question.

Whenever I get a phishing email I always forward it to the the authorities at the company (if it purports to be from a company) or to the ISP if it's just an email. My habit has always been to send the email with the complete Header information exposed.

That used to be quite easy in Apple Mail. You could just open the Header and forward the email, which would be transmitted with the header opened. It doesn't work that way anymore. Now, at the moment the email is sent, the Header closes.

So, now I copy the Header and paste it into the forwarded email. Is there a security reason that Apple Mail would move away from being able to forward an open Header?

I am confident Apple has a reason most likely related to security, but I have no idea of the details behind it. I will research that question and see if I can find an answer for both of us.

Just a thought....is it possible that some phishers are smart enough to have code in hidden their messages that would cause the Header to close on 'send'?