Malware can't really be embedded in the body of an email. Either there will be a link in the email that takes you to a webpage which executes malware (on outdated, unpatched browsers usually) or attempts a phishing attack by tricking the user.
Or, if they don't use a link, they may include malware in an email attachment. To become infected a user has to download and execute the file in the attachment. If the user doesn't have antivirus at this point (or ignores it) then the virus can do whatever the creator wants it to.