Comment by duskwuff

> This is a failure on PayPal’s email template that the freeform text field appears just as legit as other items.

This is a somewhat common pattern in scams - abusing freeform text fields in emails or other messages to give the impression that a message is coming from a source that didn't intend to send it.

Another variant I've seen is malicious URLs linking to search engines which display the user's search terms, e.g. a link to a Microsoft site search with a prefilled search of "YOU HAVE A VIRUS, CALL MICROSOFT SUPPORT 555-1212".