Unfortunately, implusiveness and gullibility get the better of us. As we discovered today after deploying brand new Windows 7 PCs for a client, one of the staff received a phony e-mail claiming to be a UPS notice with a "billing attachment". The user clicked it once. Nothing. Then again, and again, and again. Within 30 minutes, their network ground to a halt. Now its costing hours of time and effort to repair a file server and client PCs that were infected by numerous pieces of malware.
Think carefully when reading e-mail.