It just sort of comes with the territory. If you have a massive financial network online that allows people to transfer money back and forth, the dark side of the Internet is going to recognize the opportunity that presents and take advantage of it. The fact that most of the PayPal users are not all that technically savvy and no little about information security just makes them that much more attractive targets.
The phishing email contains the obligatory spelling and grammatical errors that should be red flags to any recipient above the third or fourth grade level. In closing, let me just remind everyone once again not to open file attachments–especially file attachments claiming to be from some financial institution you do business with directing you to fill out some attached form. PayPal, your bank, and any other reputable business will not ask you for sensitive information via email or with a file attachment.