We are already flooded with spam emails, and certainly do not need unsolicited emails with unknown origins and dubious attachments.
I received an email with the subject "For the Position HR Manager ...", sent straight to my email address, from some free email address. The message was basically talking about wanting to work in human resources in an established organization, and a CV was attached.
I did not bother to read the email and deleted the message right away. What are some of the giveaways?
1) The email was sent directly to my email address and yet did not address me directly.
2) The alleged name used is different from the name in the alleged sender email address.
3) There is an attachment.
Now, you might imagine (3) sounding rather ridiculous. It is not. There is an avalanche of malware floating around, usually through social engineering of some kind, by hoping recipients would click on the attachments. And sure enough, many of the malware infections in the wild, are simply because attachments from dubious origins were clicked on.
In our practice, we do receive unsolicited job applications, and some of those candidates we actually met up and even hired. The difference is that REAL applicants (and not malware senders or other dubious individuals) would have at least visited our websites, read through requirements, and applied through designated online forms. We would then choose to follow up as appropriate.
So, the next time you receive an unsolicited email from a dubious origin (whether an unknown person or dubious upstream trace), with a dubious message, and dubious attachments, simply discard them.
The risks are too high to bother, and real important messages have a proper way of finding you. For example, if you really have a message from the government proper, an AR registered letter or package would have to be signed by you. If you have important documents or parcels, a courier would deliver it to your doorstep and have you sign for it.