bkaras said:
But do e-mail messages and/or attachments carry malware?
If an E-mail message is in HTML, yes it can carry malware. For that reason I
always choose to read all mail as plain text, even if it sent in HTML.
And attachments can be anything at all, and they can certainly be malware.
You often see advice not to open attachments unless they are from someone
you know, but I think that's extremely dangerous advice. It implies that
the opposite is true--that it's safe to open an attachment from someone you
know or trust.
In fact, almost the exact opposite is true. Many modern viruses and worms
spread by sending themsleves to everyone in the infected party's address
book. That means it's *more* likely, not less likely, that a message from
someone you know and trust is likely to be infected.
My advice is to open attachments only it's something you are expecting; even
if you get it from a close family member, it's wise to check with them first
before opening.
My own personal practice is even more stringent. I almost never open
attachments at all; I make an occasional exception, but only for an
extremely trusted source, who I am confident applies safeguards as good as
my own.