I've just had a couple come through myself. To me, it looks like there could be some widespread email password compromise at Yahoo/Xtra.
Why do I say this? Here are the Receieved headers:
Received: from nm19-vm6.bullet.mail.gq1.yahoo.com ([220.127.116.11]:36873)
by omicron.elinuxservers.com with smtp (Exim 4.77)
for *******@gogo.co.nz; Fri, 08 Feb 2013 23:57:17 -0800
Received: from [18.104.22.168] by nm19.bullet.mail.gq1.yahoo.com with NNFMP; 09 Feb 2013 07:57:10 -0000
Received: from [22.214.171.124] by tm14.bullet.mail.gq1.yahoo.com with NNFMP; 09 Feb 2013 07:57:10 -0000
Received: from [127.0.0.1] by omp1035.mail.gq1.yahoo.com with NNFMP; 09 Feb 2013 07:57:10 -0000
Received: from [126.96.36.199] by web163406.mail.gq1.yahoo.com via HTTP; Fri, 08 Feb 2013 23:57:10 PST
Clearly Yahoo's SMTP servers have been used to send the mail, and it's from a person I have had contact with previously, so I'm in their address book, the To: header also includes other people obviously in that address book.
I've just had two come through, from completely different people, but both Xtra users, with whom I have had contact in the past (but not related to each other in any way).
I can't see any realistic way that this can't be a compromise of some description at the Yahoo/Xtra level.
Discussion at TradeMe about it: