This type of thing has been round for absolutely ages.
The only thing that changes it the bait on the end of the hook, hoping to catch some unwary fish on the hook. I got one in my email this morning and dealt with it using MailWasher Pro.
It isn't just don't open attachments, but click the links inside any unsolicited email, even if they look like they come from a friend, confirm, confirm, confirm. The form address is easy to fake and it as email addresses are harvested from an infected users system.
Perhaps your wife would care if she couldn't use the computer because of infection. I would also suggest changing her account to one of a limited user if security isn't something that she cares much about. This won't stop her/you getting infected, but it will limit the damage. You should also make her aware that it could mean that her friends get the same sort of emails from her if the system is infected.