It's hardly surprising, at least to anyone who's spent time looking at phishing scams, but the recent economic turmoil has led phishers to get creative. Here's an example email that preys on the unwary by exploiting the Wachovia/Citibank merger.
Once you visit the site you are asked to download an executable (which actually starts automatically downloading via an automatic refresh after 15 seconds.
The executable contains a nasty piece of work: Mal-EncPk/BU.
I didn't go further and actually unpack the executable to find out what kind of nastiness, but there's plenty of it to do around.