The worst thing that can happen with plain text is you are exposed to content you would rather not read.
With html and particulary in combination with javascript or use of media players etc, the worst that can happen when you visit a malicious web page is your computer can be infected with a virus allowing a remote user to use your computer any way they wish usually without you even being aware of it.
This is why email clients typically strip out anything like javascript or rich media like Flash. Even image files have in the past been used as an exploit against system bugs in browsers and operating systems. Not long a go there were ways of taking over an unpatched machine using a malformed .png or .jpeg file.
This is why some email clients filter out images unless you explicitly choose to view them.
Of course emails that include attachments are also potentially dangerous no matter whether plain text or html.
So html offers a richer platform for malicious intent than does plain text.
So spam falls into 2 categories, content we don't want to see, such as ads for products we aren't interested in from sellers we don't know and malicious content meant to actually take over your machine or steal identity information that can later be used to access bank acounts etc.
Phishing attacks are usually email that looks like its from someone you know such as your bank or paypal, they ask you to click a link and update your account. The link may take you to a page hosting malware or it may take you to a page that looks like your real bank or PayPal and prompts you to login so they can get your password.
So its important never to click links in emails like this. Even if you think its real.
New ways of attacking are discovered/invented all the time.
Its really a sad state of affairs, the vast bulk of all email traffic is spam of some kind or another.
Best,
Joe