Details come from @BarracudaMSP (advisory). The key element is to carefully check incoming email, and never open an attachment if you have any uncertainty about its origin. Good security software is very helpful, but cannot save you from everything, especially if you execute it yourself.
For my clients, let me note that you have the ability to scan an attachment without opening it, and I can do it for you on an isolated machine for additional safety. But I can only do this if you call!
Don’t take chances!