Social Costs

Many e-mail-based viruses forge the sender line in the e-mail's header so that determining the sending computer's owner is difficult. The forged sender line is usually taken from the victim's address book or Web pages that he or she has browsed. Most computer users are not aware that virus-generated e-mails have forged sender lines, so many of them reply, asking why the "supposed" sender sent the e-mail, when in fact, the "supposed" sender had nothing to do with the e-mail.

The social cost in this case would be that of reputation. If the recipient of the virus-generated e-mail were to in fact know the person associated with the virus-generated sender's e-mail address, the "supposed" sender could be reprimanded if the recipient were the "supposed" sender's boss, and the recipient did not know about virus-generated e-mails.

These realistic forms purporting to be from PayPal are in fact used to capture highly sensitive information that can be used to commit identity theft.

Viruses such as the W32/Mimail.j@MM ask for more than just credit card numbers, but for full names, social security numbers, mothers' maiden names, driver license numbers, and bank account numbers. These pieces of data are usually considered highly confidential and are commonly used to commit identity theft.