This is as granular as I want to get in this blog. But the problem with email and other security attacks today is that they start with the individual - YOU. The IT department (or your ISP) can have a whole boatload of cool tools, but if the threat is embedded in a message or attachment type that is "permitted", like the zip and rar files shown in the link, there's a large chance that it will penetrate the defenses.
To most security folks, this seems quite simple, and we tend to be more cautious about opening anything. The rest of the folks inside the network are less cautious. Here are 5 Simple Tips to improve your chances:
1. Suspect All Attachments
2. Know the sender - if the URL is complex, be suspicious (firstname.lastname@example.org)
3. Suspect ANYTHING from FedEx, eBay, Facebook, etc., especially if you aren't expecting anything
4. Immediately contact IT with anything suspicious and DON'T forward the email. Let them view it remotely or in person.
5. Then delete and empty trash for anything suspicious.
Thanks to Zeljka Zorz and Help Net Security
The danger behind low-volume email attacks