Yes, even Microsoft employees get sent malware

Much like the real deal, computer viruses know not race, skin color or creed. When malware is delivered, what prospective victims do for a living is equally unimportant — even if they’re being paid by one of the largest software companies in the world to keep customers safe from cyber threats.

But no inbox is truly safe from viruses and malware. Not even those belonging to Microsoft employees. Of course, they at least they know better than to open suspicious emails.

Patrick Nolan of Microsoft Malware Protection Center described a recent run-in with a fairly transparent scam. The malware expert received a spelling error-laden email which claimed an attached photo was of him and less than flattering. “Your ex sent me this picture claiming it’s you. Is it really so? You probaly should see a doctor:) They can cure it now:),” the message read.

Nolan found that the photo hid a nasty new Trojan called Gamarue.E, which Microsoft ranked as a “severe” threat upon its discovery in January. No other details on the virus have been released by the company.

According to Nolan, a bot network command and control server talks to Gamarue.E once it’s infected a computer, leaving it susceptible to other outside attacks.

“The theme of the spam uses a type of social engineering that leverages the shock of allegation to trick the recipient into opening the attached file,” he explained. “If the recipient opens the attached file in an unprotected environment, this Win32/Gamarue variant will try to download other malware.”