This harkens back to the oldest days of online ventures, when mass-distribution of “virus alert” notifications was a thing that we dealt with on a weekly – sometimes even daily – occurrence. In a lot of cases it was proven that “the distribution of the notification” was, itself, “the virus”.
That doesn’t mean that people were passing on notifications that contained malicious code or damaging contents, only that “the propagation of the warning notification” was the time suck and bandwidth bottleneck (because everyone was always instructed to “pass this on to everyone you know!”) which created the waste of time and resources that someone wanted to create.
In nearly all cases, as @Mariah notes above, the main problems theses days are:
– links to malicious sites (especially when the site shown in the hyperlink “appears to be” benign, but instead reroutes to a hidden location), or
- attached files that contain malicious code, and which the user may elect to start (“because I know who it’s from”) without scanning first. (People forget that if other users have had their security compromised then the file from ‘Joe Blow’ may not actually BE from ‘Joe Blow’.)
- apparent links from known entities such as credit card companies, banks and other financial institutions that are spoofed – that is, not really those organizations – and who use the fake sites to collect user name and password information for fraudulent use. That’s what “phishing” is.