We get quite a few of these at work. It's entertaining to play with these emails to see how far the rabbit hole really goes. Some of them are simple phishing scams, but they're not much fun. The best ones are the ones that are still trying (and succeeding in rare cases) to exploit the most recent IE/CHM vulnerability when they're clicked. One of them downloaded and installed a mostly benign spyware/adware executable that changed the home page. The neat trick (or at least I thought so) was when on this new homepage, they basically admitted that they'd installed spyware/adware on your PC and offered you an uninstall link to assist you in removing it. Of course this uninstall link was an executable (note the social enginerring) and turned out to be a nasty trojan (I can't remember which one offhand).