There are a couple answers to this. One is simple mathematics. Unlike snail mail, email costs almost nothing to send, so a person working out of their basement can send ten million emails with very little overhead. Now suppose 99% of those end up in the spam folder, that still leaves 100,000 emails that make it to the inbox, now lets say only .01% of the people who actually see that email go ahead and purchase something, that’s still 100 sales, which can make the entire effort worthwhile to the sender. Of course, this is especially true for the ones that are only looking for you to share your bank account information.
The second reason is a little more devious. Sometimes, you’ll receive unsolicited email that doesn’t appear to be selling anything. They either want you to visit a website, or simply to open the email with images enabled. In these cases, all they are looking for is active addresses. They then take these addresses and compile a list which they will then sell to others as a quick way to build a subscriber list (not legal under CAN-SPAM, but that doesn’t seem to stop anybody).
We have many tools to combat spam and hacking attempts based on our needs and traffic. In a perfect world we would not need these tools as they are not graphically pleasing and steps to real users that they don’t deserve.