To do this, social engineers sometimes send misleading messages to try to trick users into running a malicious attachment. Or they will try to get users to connect to a spoofed Web site. This could allow the perpetrator to obtain confidential information.
Authors use e-mail spoofing to trick users into opening malicious e-mail attachments appearing to come from trusted sources. E-mail spoofing is such a common tactic with virus writers. Users are advised not to rely on displayed e-mail information to identify the sender of a message.