I think it's only spam that is a front for a Nigerian scam (or similar) that benefits from screening out the non-gullible. Spam that's trying to get you to click on malware simply wants you to click on the malware - it doesn't require the victim to do anything more than run it.
I've been slightly alarmed at how good the spam coming in to my work account is. It's not hard to target Exchange shops with convincing-looking 'mailbox full' or 'account locked' messages. And academics with an international profile do have a genuine need to deal with incoming email from unknown foreign sources with non-native English and a request that only makes proper sense when you visit the website or open the attachment. It's a wonder that any university isn't hopelessly compromised.
no subject
I've been slightly alarmed at how good the spam coming in to my work account is. It's not hard to target Exchange shops with convincing-looking 'mailbox full' or 'account locked' messages. And academics with an international profile do have a genuine need to deal with incoming email from unknown foreign sources with non-native English and a request that only makes proper sense when you visit the website or open the attachment. It's a wonder that any university isn't hopelessly compromised.