The download and a click on the attachment opens up a HTML file that mimics the PayPal's "My Account" page and asks the user to enter its credit card and personal information in order to "remove the limitation" regarding the ability to access the account.
The e-mail itself should raise some suspicions, especially because the e-mail account from which it arrives is not one of PayPal's. But, in general, users should do well to remember that they should never follow links or download attachments from unexpected or unsolicited e-mails, but to go directly to the site in question by typing the URL in the address bar of the browser and log in there to inspect the claims from the e-mail.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.