I'm sure this question, or something like it, has been asked before, but I haven't yet seen an explanation that I can fully understand - so apologies for asking it again.

Could somebody explain to a non-techie why NIS cannot detect/block spam, viruses, etc that come into someone's pc via web mail?

For example, there have been a number of cases where people with Hotmail accounts have suffered attacks such as phishing, spam, viruses etc when they open an email in their Hotmail inbox.

I appreciate that Hotmail is hosted on some server or servers somewhere else in the world, but in order for mail to appear on a person's own pc, it presumably has to be downloaded to that pc (via the person's own router provided by their ISP) so that it can appear on the screen.  So why can't NIS detect and block any viruses etc at the point it arrives at the person's pc?  After all, NIS appears to be able to interrogate other traffic coming down the line onto a person's own pc.

If NIS can't block viruses delivered through Hotmail (or other webmail), then what can be done to properly protect a person's own pc from such attacks? (Yes, I know the webmail providers have their own virus scanning software, but it obviously doesn't work in some cases - especially where opening mail in the inbox somehow results in random emails being sent to everyone on the person's webmail contact list).

I'm aware of the advice about not opening emails from people you don't know or trust, and not clicking on links within an email, but sometimes these viruses still get through.

I hope this makes sense, as I'm sure I'm not the only one who doesn't understand this.

Many thanks.