Phish out of water

Spam and phishing emails are still getting past my ISP's filtering. An html-formatted phish email pretending to be PayPal arrived today. Of course, the phishes are always html-formatted because it's the only way to conceal their blatantly fraudulent hyperlinks. Anyway:

You are receiving this notification because PayPal is required by law to notify you at least quarterly that your account statement is available.

Oh, good Lord. But the funny part is in a sidebar of the formatted email titled "Security Center", where it says (in part):

PayPal will always address you in emails by your first and last name, or by your business name if you have a Business account.

So how did this email address me?

Dear PayPal member:

Bzzzzzzzzt! Bad phisher! Bad! No biscuit!

Along these lines, the feel-good story of the day: State of Virginia jury recommends nine-year sentence for spammer. That'd be nice if it sticks. Unfortunately, since the guy was a prolific spammer for several years he's built up millions with which to pay lawyers.

If someone spammed you with an offer to send out goons on your behalf to beat up a convicted spammer, would you respond to that spam?