If you rely heavily on e-mail you will have to know the basics of phishing attack prevention. Even if a message appears to come from someone you know, spoofing a senders address in an email allows hackers to gain your trust. If you treat that email as a request from a reputable source you are more likely to click on an embedded link that takes you to a fake website that requests things like your username and password or other sensitive information. A file attached to an e-mail message phishing scam could contain a virus. NEVER open these or allow them to run on your computer!
Here is a little video I put together so when in doubt you can use this test.
If you are unsure, be sure to contact the sender by some other means to gain added assurance that the attachment is valid. Also, NEVER reveal usernames or password or any personal or financial information in a response to an e-mail request, no matter who appears to have sent it; your office may be the target of a phishing scam.