This is one of the ways the advanced persistent threats are being propagated. A link is embedded in an email and it looks to be coming from a credible source. Instead, it is coming from a hacker or a nation state. It is much easier to social engineer someone to click on an email, than to hack a firewall. Once they are on your machine, they can go undetected for years. Make sure you educate your end users on proper internet hygiene. You should also enable malware and malicious website categories on your web filtering product to help prevent you from going to places you should not go.