I don't get it
I have received dozens of 'this is the invoice' or 'this is the payroll file' or 'we have a package for you' emails with what are supposed to be DOCXs or PDFs or ZIPs in them... and given that I _know_ that I didn't order anything from anyone with that name, or engage an outside payroll service, and I'm not expecting a package and besides USPS, UPS, and FedEx don't send out that kind of message, I simply dump such emails into the trash and delete them. Sophos screams bloody murder about them about 40% of the time, anyway (Sophos detects inbound malware pretty much all the time in the ZIPs, not so much in the DOcXs or PDFs) so why, why, WHY would anyone open any of those things? Now, as i have multiple email accounts and have seen the exact same come-on show up in two or three accounts within minutes of each other, it might be more obvious that there's a problem. But anyone with even a modicum of sense should know if they have an outside payroll service, and what the email address of that service is, so that they can just look at the damn inbound mail and SEE that it's not from their guys.
I don't get it. Even when I was a newbie (more years ago than I like to admit) I _never_ just clicked on stuff in mail, I _always_ had a look at the headers to see who sent it... And, yes, the first thing I do on a WinBox (and, now, on a Mac, as Apple has caught the 'hide extensions' disease, too) is to turn 'hide extensions' OFF so that i can see that little .EXE at the end. Or that .DOCM or whatever. Why is it that umpti-ump _THOUSAND_ people simply don't _look_ at whatever it is _before_ being a happy clicker? WHY?