These worms can not only harvest addresses from infected computers' address books, they can also take addresses from the web browser cache or anywhere on the hard drive. So if you have your addy up on the Web somewhere, and an infected person has visited your web page, your e-mail address could end up being used.

Be warned - if you're getting these spoofed e-mails, your address is also being used as the "from" address for other e-mails, and people are getting infected messages, seemingly from you. Don't be surprised if you start getting "bounce" messages for mail you never sent.

One of my e-mail addresses ended up on an infected computer on a network at a school in the U.K., probably via one of my web pages. Hordes of kids started e-mailing me and asking me, "Why do you keep e-mailing me? I can't read the attachment. I click on it, but nothing happens." Oy.