An attacker sending a specially crafted (signed) email could make you automatically load a page upon receiving it, at least this seems to be the case with Outlook and some other Office applications, according to this paper by Alexander Klink.
He also provides a proof of concept, send a blank email to smime-http@klink.name and you will receive an example email demonstrating this vulnerability.
