We just saw a potentially tempting take on an email trying to get a recipient to open an infectious file:
Fraudulent cc charge from your domain address
I just found a $189.55 charge on my credit card originating from your domain address
I never ordered anything from you so what is happening?
Please check the card statement below and let me know what to do to get my money back: Falsely identified link to an infectious file
What they are hoping is that you, as a merchant, get aggressively concerned and click the link.
Don’t do it. Check out the URL of the link first, if it looks suspicious, do not open. If it is an email that looks like the text above, it will be suspicious.