Date: Thu, 12 Sep 2013 20:29:17 +0200 [14:29:17 EDT]The attachment is Invoice_20130912.zip which in turn contains a malicious executable Invoice_20130912.exe (note the date is encoded into the filename). The detection rate at VirusTotal is just 3/46.
From: QuickBooks Invoice [firstname.lastname@example.org]
Subject: Important - Payment Overdue
Please find attached your invoices for the past months. Remit the payment by 09/16/2013 as outlines under our "Payment Terms" agreement.
Thank you for your business,
This e-mail has been sent from an automated system. PLEASE DO NOT REPLY.
The information contained in this message may be privileged, confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify your representative immediately and delete this message from your computer. Thank you.
Automated analysis     shows that amongst other things, the file attempt to communicate with the domain leightongriffiths.com on an apparently compromised server at 18.104.22.168 which has been seen before.
Given that there are now several domains serving malware on the same server   it is probably safe to assume that all the domains on that server are malicious and should be blocked.