Many social engineering efforts are focused on tricking users into disclosing usernames or passwords, allowing attackers to send messages as an internal user to further their data stealing attempts.
In April 2012, hackers distributed a malware campaign pretending to be an email about a revealing photo of the recipient that was posted online. The email body featured a variety of messages with an attached ZIP file, which contained a Trojan.
Subject lines used in the spammed-out malware campaign included:
RE: Check the attachment you have to react somehow to this picture
FW: Check the attachment you have to react somehow to this picture
RE: You HAVE to check this photo in attachment man
RE: They killed your privacy man your photo is all over Facebook! NAKED!
RE: Why did you put this photo online?
Keep your wits about you, and your antivirus up to date, and you should have little to fear.