In reply to Rob Exile Ward:
There are a lot about. Amazon, etc are easy targets as many people have those accounts.
I investigated one that had slipped through the AV at work, purportedly from the DVLA notifying about a Congestion Charge fine. I sent a mail out asking that if people had clicked on the link to unplug from the network, and turn off wifi etc. Many people were very angry, stating that if they did that they wouldn't be able to do any work.
Even if you run an AV, malware will get through on occasion. AV is updated every 30 mins or so, which gives a 29 min window of attack, against even the most savvy users or protected systems.
A good way to spot them is to look at the message source. If it was sent from dsl-123.isp.example.com then it probably didn't come from paypal. Also links can be obscured to that it may say paypal.com in the mail, but the actual link is to evil.com.
There are online virus scanners which will check to see if it is a zero day virus. Though even these can take some time to spot a new variant.
https://www.virustotal.com/ is a good one.
And yes, Macs do get viri, as do phones. Use an AV. There is no excuse not to, as there are some good ones that are free, such as sophos etc.
If you whine about it slowing down your machine or running down the battery, imagine how much slower things would be if your hard drive became encrypted. The bad guys charge £250 and up, to decrypt it and if you don't pay within a week they delete the decryption keys. Fun, fun, fun. But you've got recent off line backups, right?
Post edited at 16:23