It's easy to bypass NAT if you send somebody an email and they click on the attachment

IIRC, that is how somebody stole a list of AOL customers, a few years ago.

Whether they used an .exe attachment or some more subtle method like a malformed Jpeg, I don't know.

But the basic principle is that if you can get somebody to execute code of your choice, then (assuming the "somebody" has access to the internet) all the firewalls in the world are worthless.