The worst thing that can happen with plain text is you are exposed to content you would rather not read.
This is why some email clients filter out images unless you explicitly choose to view them.
Of course emails that include attachments are also potentially dangerous no matter whether plain text or html.
So html offers a richer platform for malicious intent than does plain text.
So spam falls into 2 categories, content we don't want to see, such as ads for products we aren't interested in from sellers we don't know and malicious content meant to actually take over your machine or steal identity information that can later be used to access bank acounts etc.
Phishing attacks are usually email that looks like its from someone you know such as your bank or paypal, they ask you to click a link and update your account. The link may take you to a page hosting malware or it may take you to a page that looks like your real bank or PayPal and prompts you to login so they can get your password.
So its important never to click links in emails like this. Even if you think its real.
New ways of attacking are discovered/invented all the time.
Its really a sad state of affairs, the vast bulk of all email traffic is spam of some kind or another.