PayPal phish: Dear Mr Scammer .....

There seems to be a trend over the past 6 months, of switching from links directly in the phishing e-mails, to having the entire phishing page in the e-mail itself (as an attachment). Others in the security arena have already publicised this for the most part, so I'll skip over the details.I wonder however, why our dear scammer has done this. I know it's to try and bypass phishing and junk