I recently received a phishing email loosely disguised as an order confirmation that attempted to install the Backdoor.Win32.Haxdoor.ga virus.
It was pretty obvious that it WASN'T a legitimate email since the EXE was inside a ZIP file attachment. Very unlikely that any company would send an order confirmation inside a ZIP file let alone it being an executable program!
The gory details can be found here: Phishing - Order Confirmation number: WC2905036
You can read more about these types of phishing and spam emails at http://www.spamandphish.com.