Although websites are usual way to distribute malware, email is far from forgotten by malware makers. Spam volume goes down, but targeted spam messages work wonders. One of the popular tactics is sending out mails with zipped files or links to them claiming this is document you asked for, or some sort of movie clip.
I think it is strange that people open some adult zoo movies couple megabytes in size and with .exe extension. Or some sort of report from people one does not know. These things should not happen, but there are unlucky or too curious people for their own good.
Although tactic is far from new, the messages are getting more personalized each day. For example, malware makers might craft a message in a way so you think the attachment includes your photos, a video or something that someone ordered in your name. I would delete mails with a random attached file. However, many of us will open an image of oneself, even if you don’t remember doing some naked photo shooting. The message can originate from a friend you know well who was unlucky enough to get infected.
Typically, one is infected right away. Single trojan downloader is enough to fully take control of one’s PC and misuse it. In some cases it will be just a rogue, like WinWebSec’ s Security Shield or the daily one like Windows Safety Checkpoint . In other cases it will be a silent infection with banking trojan that targets bank accounts in specific countries.
The best tip? Avoid opening attachments at all. Especially if one gets unexpected mail from a friend that should not send anything to you. This, and decent anti-virus will save you from lots of headaches removing malware.