Re: So, you're not opening an email in Excel
I'm guessing here as it's absolutely ages since I've used MS mail clients or allowed macros in Office documents, but maybe if 'attachment preview' is enabled in the mail client and macros are permitted to execute in Excel by default, the Trojan might activate without any user intervention other than opening the email itself.
If so, security is once again antithetical to convenience.