Yes, "serves the right if they open it", but explained:
* There are "rules of thumb" about not taking stupid risks in life. The most basic are ones like "don't talk to strangers", etc. People should expect there to be with the Internet as well, but many don't because they prefer to act and remain ignorant, because "it's not cool to know your stuff with computers".
* Why would I have to read an attachment for details when it could be written in plain text in the email?
* Pretty much from day one, if I thought an attachment could be dodgy, I manually virus-scanned it with an up-to-date scanner. Nowadays I know that is spam/dodgy straight away and would just ignore/delete it.
* Presumably people being targetted by this virus have yahoo accounts. If not, what are they thinking in opening the attachment?
* What's inside the attachment, an executable?
The only thing I would say in defence of the idiot population is that companies should inform their customers when they open accounts with them, how they will communicate them, what to expect and not to expect. For example, if there was a widespread/common problem with "accounts expiring", the company should direct the user to a URL on their website. The user then knows (with a fair amount of certainty) that the information is genuine. The company should also say in no uncertain terms that they'll never send attachments, or ask for passwords, etc.