It is possible that the information used in these phishing emails may come from the eBay breach that occurred earlier this year. This phishing attempt contained both a PayPal address and a company name that are on file for a specific account. “Phishing mails always start with a generic ‘Dear customer’ or ‘Dear Client,’ but this one not only addresses me by my full name,” a user, Phil, wrote to Consumerist. “It was also sent to an email address that I use EXCLUSIVELY for my Paypal account.” Another likely explanation is that one of his customers fell for a similar phishing scheme and had the contents of their inbox harvested, including Phil’s company name and that limited-access PayPal address.
The phishing attempt tries to entice a user to click on the link which directs them to a malicious PayPal lookalike in order to obtain usernames and passwords. Remember that clicking links in emails can be dangerous, and it is advisable to directly navigate to the site in your browser instead.
If you ever receive a suspicious email, please forward it to firstname.lastname@example.org.
Source: The Consumerist