This is an interesting scam technique. The Bad Guy sends a PayPal invoice, and at the bottom in the "Invoice Note" section, writes what appears to be a message
from PayPal warning that PayPal has identified suspicious activity. The warning includes a phone number to call.
Since the e-mail comes from PayPal and is viewable on PayPal's website, it
looks like an official suspicious activity notice from PayPal itself. Unless you notice the words "Note from seller", you might not recognize that it's a fake. And the phone number is, of course, not PayPal's real phone number.
Oh, that was a new one.
Got an email from PayPal about a suspicious payment request. I verified the email came from PayPal, but went into PayPal itself to check. Sure enough, suspicious request, and the note indicated it had been flagged, with a number to call.
I called.
And while I was on the call, went to the PayPal "Contact" link... and realized it was a different number.
The attacker was using the INVOICE NOTE to phish for details.
Hoping I didn't expose to much before I figured it out.