It used to be that you only got so called phishing emails (emails that solicit personal and confidential information from you) from Porn sites or other disreputable sites.
Nowadays just be online and you are the subject of such emails sent under the guise of being from a website such as Paypal, your bank, and other sites that might store that information.
The rules to keep yourself are very simple.
a) Do not open emails from places and people you don’t know, delete them straight away
b) Do not open emails from people and places you do know if the subject is one you are not familiar with. You have two choices here both work and are safe.
1. Delete as in a) above. If it is important they usually send several emails, by which time you will have sent an email to the company or individual, not using the reply button but by typing the name of the company in the To box and unknown mail in the Subject and asking them about the veracity of the email you received.
2. Hold the unopened emails and send a separate email, not using the reply button but by typing the name of the company in the To: box and unknown mail in the Subject and asking them about the veracity of the email you received.
3. The bigger companies have often have a mail address where you can forward emails you think are scams and you can try to send to firstname.lastname@example.org, or phishing@ ebay.com
Remember you will not get prosecuted for not answering within three days, if you have never paid VAT it is unlikely that the British government is really sending you a demand for such payments, and in all likelihood you have no long lost admirer or relative who wants to bestow great riches on you if you pay the cost of transferring the millions they have in a secret bank account.