I just got hit Friday at my Aol account...anti-virus, etc. won't really help because the damn things don't go after your computer...it uses the online service provider's stuff. CW called me early (my time) and I went and changed my password. Then the damn thing went in and changed my password and blocked me out (evidently had the answer to my security question that I never changed since joining Aol in the 90s!). We went back and forth a couple of times, and then Aol thankfully suspended my emails (they move quickly). I called them...and had Julie from Calcutta change the password and my security question at the same time...that took care of it.
Do not rely on just changing your password...change your security question as well.
My virus used my signature (law firm address, etc.) and even responded when the person receiving it replied..."Yes, this is me. My email is fine." or something similar, again, followed by my signature. It provided a link to a real estate deal (REMax) which asked for the person's password.
They target Aol, Google, Yahoo. CW tracked it down:
http://blog.onlymyemail.com/remax-hot-properties-email-phishing-fraud/