One of the recently active Worms commonly uses an "undelivered mail" message as its means of transmitting itself. There have been more than a dozen "variants" on this one - apparently some sort of "war of the crackers," since some variants try to disable previous variants in order to put themselves on your machine and remove the prior versions.

A "click here" link in any suspect email can also be used to "install" malware. AV software generally looks for things that install themselves or run automatically, so an attachment that "just sits there" may be missed. When you "click," the link is to a (usually) .dll that actually puts the bad stuff in place. AV can't do much about it if you tell it to install a "program" by clicking the phony link, just as it can't do anything about the spyware embedded in most "file sharing" programs if you tell it to install the program (no matter how inadvertent the instruction is).

John