To explain my point about scams trying to look legit, and how trying to do so isn't always the scammers plan i'll put it slightly differently. The whole idea with a deliberately scammy looking scam email is so only the easily fooled reply, sending out the emails is free and effortless for the crooks but to actually get money from someone their victim needs to "bite on the line" and respond, the more emails are used to "reel them in" until they give out sensitive data. If a scammer sends out legit looking emails he's going to get a higher number of responses per million he sends, but then most of those who responded to the first email will realise it is a scam when the scammer replies again to them. The replying again bit takes effort, the scammer can only (for time constraint reasons) reply to a given number of emails but he can send an infinite number out.
So if the scammer makes the scam emails look like scams in the first place then he will get less initial responses per million addresses spammed but the fact that people responded to these really scammy looking emails he sent indicates those few he has "hooked" are more gullible. That way when the effort bit, of replying to the victims first reply, comes round the scammer knows that at this stage he has a more gullible group of people than a legit looking email would get, so he knows spending time working on these people will more likely pay off for him than spending time trying to convince average responders. by making the email look scammy he has pre-selected so that his responders will be more gullible than if his email had looked legit.
Ofcourse that pre-selection business doesn't work with scammers who send infected attachments rather than try and con people into giving them financial info. Because attacking someone with an attachment doesn't need them to respond and be "reeled in", but where a victim requires some persuasion between the "millionaire prince" telling him he is a distant relation and the moment he lets the "prince" have his money the scammer would end up making more money per unit effort (not per email sent but they are free anyway) if he pre-selected so only really gullible people (rather than merely plain gullible) would even make a first reply. It's a logical argument i read somewhere, years ago, for why so many scams actually start " Dear valued friend i am writing to you from (insert scam source nation) about a large some (and they do have deliberate spelling errors) of money which appears to belong to you...". If you treat the "cost" of the initial email being zero, but the "cost" of effort and time for the scammer to reply to his victim's reply is non-zero then making the emails look as ridiculous as possible in the first place turns out to be the crook's easiest strategy.
AS for info internet users leave behind, individually any piece means nothing but it is scary to think how much can be deduced from combining stuff. If someone trying to spy on a user finds the right links between different content the user has made they could probably trace a lot of real info about them very quickly.
Spam filters can never truly filter all spam, for mass messages they have to have a few get into some people's accounts before they (the email service provider) realise a message is sent out in large numbers, or they have to have multiple receivers report a sending address as spam before they block that address, and searching for keywords isn't very reliable. In most cases it is harmless to open the email (unless your email account is set to display images) but all attachments from addresses you have not seen before should be considered infected, all attachments from people you know which you had no reason to expect (and the message content doesn't sound like them and provide a reason they should be sending an attachment) should be considered infected (your friends account could be compromised), any emails referring to you by "valued friend" "customer" "user" "account holder" rather than a name or pseudonym you use should be considered unworthy of reply even if you know they are legit (if someone can't be bothered to know who you are, you can't be bothered to respond) they are also almost always scams, no links in emails should be followed unless you know the sender well, he has a good reason to send you a link and he sounds like himself in the message.
Back on this site, for a while anyway, been so busy the last year.
My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB