Easy enough for malicious persons to change the name of the ".exe"

So never run any .exe files unless you know what they are, were expecting them from the person who sent them, and ignore attachments that come with a "generic" message - ie "try this, you'll like this - signed Fred" - even if Fred is a great friend - as viruses have worked out how to sign themselves as coming from the (unwitting) sender who may be a regular and trusted correspondant.