I’ve gotten two very different e-mails today, presumably created by a worm of some sort, that are much more plausible than the standard “open the attachment” mails. The most recent:
Dear user of Outsidethebeltway.com gateway e-mail server,
Your e-mail account will be disabled because of improper using in next
three days, if you are still wishing to use it, please, resign your account information.
Further details can be obtained from attached file.
Attached file protected with the password for security reasons. Password is 46423.
The Outsidethebeltway.com team
Both are “from” addresses on my domain. Now, since the outsidethebeltway domain is just me, I know there’s no such thing as the “The Outsidethebeltway.com team.” But if I had a more conventional e-mail address, it would seem more plausible.
Update: Dodd Harris has had a similar experience.