I don’t know where you heard this FUD (Fear, Uncertainty, Deceit), nothing is fully undetectable.

Common Sense also plays a major part in your protection.

So someone sends you something, by email, you have to A) accept the email, B) open/Run the attachment or C) click on a link in the email taking you to a remote site or running a remote script, etc. So there are plenty of opportunities to smell a rat (excuse the terrible pun) and delete the email.

There would have to be a degree of complicity from the user.

So, never open unsolicited emails, don’t open attachments or click links in unsolicited emails.