I am sure that you have heard of people who opened an email attachment and their computer was locked up shortly thereafter. There is a common sort of malicious software which is known as ransomware. What happens is that your hard drive is encrypted and you don’t get the key to unlock it until you pay an amount of ransom, usually with bitcoin. The city of Baltimore was recently attacked by a version of ransomware known as Robin Hood and they were down for weeks.
Every business should have a policy around opening an email attachment. You should look at the actual email address, the name on the email may say that it is from someone you know, but the email address could be a hacker. I have seen email that looks like it came from a friend, even showing the friends name, but when you hover your mouse over the name an email address in Nigeria is visible. In our office we have been moving towards using a portal for transferring files, as we would like to see fewer attachments. So, give this some thought and make a few policies about the opening of email attachments at your business.