Purchase orders, invoices and receipts are very common lures for phishing and malspam campaigns. In this case, the vagueness of the message should be a red flag. When in doubt about emails like this, it’s best to err on the side of caution and not click on any links or attachments, which may direct you to phishing content or contain malware.
In this case, the PDF tries to make you believe that it has been secured in a way that means you have to login to view the content. In reality, clicking on “View On Adobe” will actually take you to a phishing site that pretends to be the Adobe login page.
