Update to my previous message:
I'm looking for patterns or any other details that might help clarify what's causing the recent spam issues, so instead of immediately deleting spam that appears to be to/from Spamgourmet, I'm saving it (but being careful not to open it).
This morning, so far, I have received 2 spam e-mails that are associated with 2 different Spamgourmet addresses but appear to have the same content. Both were flagged by Norton AntiSpam, and both contain malware identified as JS.Downloader by Norton.
In the details below, I use "mySGaccount" to refer to my Spamgourmet user name, which is prefixed with unique strings for each business with which I exchange e-mail. I use "aaa" and "bbb" to represent these unique prefixes.
E-mail #1: Appears to be both from and to
aaa.mySGaccount@spamgourmet.com. Subject line is "[Norton AntiSpam]FW:Invoice Copy (trusted: spamgourmet.com)".
E-mail #2: Appears to be both from and to
bbb.mySGaccount@spamgourmet.com. Subject line is "[Norton AntiSpam]SPAM: FW: Invoice Copy (trusted: spamgourmet.com)".
Looking at my account information on spamgourmet.com, I see that neither of these addresses is in my trusted senders list. And both addresses have had zero allowed messages for a long time.
Now, if I understand how trusted senders work, I think it's possible that a *different* trusted sender (which is not shown in the spam e-mail to/from fields) could be sending the spam to the addresses that are visible when I receive the e-mail (
aaa.mySGaccount@spamgourmet.com and
bbb.mySGaccount@spamgourmet.com). Is it correct that in a scenario like this, it would not matter that the aaa and bbb addresses are not trusted and have zero allowed messages left? Is this likely to be a correct description of how the recent spam is penetrating Spamgourmet?
I'll probably start deleting as many of my trusted senders as I can. It would be helpful to know how likely this is to solve the problem. I would also like to understand better whether Spamgourmet or my PC has been compromised. For example, if the spam originates from one of my trusted senders, how does that sender know the other Spamgourmet addresses I use?