The problem here is that the new viruses (Klez and Nimda in particular) "spoof" their from addresses. That is, the address that your e-mail software says the e-mail is from is not really where it came from. It gets the e-mail addresses to use for that spoofing by looking through .htm and .html (web) files on your hard drive. That's what makes it look like you're getting a virus from someone on the board. In truth, it just harvested their e-mail address becuase it's listed in the board's web pages in your system's cache.
You can usually tell where the e-mail really came from by looking at the hidden headers. In Outlook Express for example, look at the properties of the e-mail and then click the details tab. Look for the return-path header for the actual originator.
--Rob Hook
P.S. If you're having virus problems at work you should seriously consider looking at
www.emailgatekeeper.com. It's a new anti-virus solution that stops ALL viruses, whether they're old or new with no need for constant updating.