Just for the record, when you say "from", do you mean you checked the headers and it looked like it was a message genuinely sent from her account, or just that the "From:" field in the e-mail contained her e-mail address?
Good question, Jibz. The message was such obvious spam that I didn't bother to check the headers. I simply assumed that someone had hacked her MSN email account and was now sending spam to everyone in her addressbook. I wrote to let her know, and in response I got the explanation I quoted in my original message here. It didn't seem like a likely explanation, so I thought I'd post a message here and see whether anyone has heard of a similar "problem" with Chrome. But now that you've asked, I looked at the headers. There weren't a lot, especially before the message was received at my university (where I have the email account to which the message was sent). Here are some key pieces of info from the headers (I've changed the name of the person I know to janedoe and my university's address to ********.edu):
The return path header was Return-Path: <firstname.lastname@example.org
The headers from the start to when it got to my university were as follows:
Received: from snt0-omc4-s11.snt0.hotmail.com (snt0-omc4-s11.snt0.hotmail.com [22.214.171.124])
by ********.edu (mx3.********.edu) with ESMTP id q5I2vdq7025380
for <cyberdiva@********.edu>; Sun, 17 Jun 2012 22:57:41 -0400 (EDT)
Received: from SNT102-W47 ([126.96.36.199]) by snt0-omc4-s11.snt0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4675);
Sun, 17 Jun 2012 19:57:38 -0700
From: Jane Doe <email@example.com
If the Originating IP # is not forged, it's in Mexico. I don't know where this person lives (I "know" her only via listservs we're both on); I kinda doubt she's in Mexico, though it's not impossible. The message-ID ends in @phx.gbl, which is apparently something that appears in many messages from Microsoft-related mail. Since she's got an account at msn.com, I guess that makes sense. Perhaps so too does the appearance of hotmail.com in one of the headers, I don't know. All the unshown headers after these (leading up to the Return-Path header) look normal. They're all internal to my university.
So no, it's not just the "From" field that makes me think it came from her account, but the Originating-IP in Mexico does give me pause. I'm not sure, however, whether the headers indicate clearly whether her email account was simply hacked or whether somehow a "bad website" was able to send spam from her account (her explanation). Any thoughts?
Thanks in advance.