I've got a few of these mails already in my inbox so I thought I better warn you, in any case you should know already to never trust on any mail supposedly coming from Paypal unless URLs in the mail use "https" secure transfer protocol prefix:

According to security company F-Secure, Mimail.j is almost identical to Mimail.i but seems to be spreading more quickly than its predecessor. The latest variant of Mimail appears to be sent from "Do_Not_Reply@paypal.com" and contains a string of random characters in the subject line. Attached to the e-mail is either a file called "InfoUpdate.exe" or "www.paypal.com.pif".