These emails fit the familiar profile of appearing to come from a major Internet company with attachments relating to customer accounts. They reinforce the basic rule:
"Don't open an email attachment unless you expected to receive it and are sure of source. If you have any doubts, check with the sender directly to make sure it is something you need to open."
The more urgent or enticing the email, the more suspicious you should be.
This particular attack used sophisticated spoofing techniques to make it appear that the emails originated from Amazon.