We (the business) were hit this morning. Despite expensive antivirus measures (dedicated server, policy orchestrator and anti-virus on each client, auto online updates, training, firewall appliances, etc. etc.), the worm arrived three hours before the signature update. Our flavour is [email protected] wrapped in Text.zip. This one runs through the Outlook address book randomly picking an addressee and randomly chosing a sender to spoof the email "from" data. While nailing one of the guilty openers to the wall - "You know not to open attachments you were not expecting or from an unknown source, or with an odd salutation or attachment name!!!!", the reply was "It was from you and the attachment was called Text.zip and I was expecting the contract text that you were sending this week".
I almost got caught out by this one as it arrived from a contact who sents a weekly message with an attachment. My suspicions were aroused when there were four messages instead of the usual one. Each had a title like those listed in Belatucadrus' link.
This thread is now locked and can not be replied to.