Most recently I got an email that was clearly spam (had a link to a website with a .zip file that was clearly malware) that was a reply from an order I placed with a supplier a few months ago ($8,800 worth of 105Ah rackmount SLA batteries) - the entire email I had previously sent was quoted. It's pretty sad when your legitimate suppliers are getting compromised and leaking data like a sieve.
Had this same thing, but then with a couple of my customers.
This is a phishing attack.
After a while I talked with one of those customers and they knew about it. It was "an email that got compromised".
Eg. one of their employees did fall for the phish and opened the email, clicked the link, opened the binary. Got infected and (a part of?) their inbox uploaded to the spammer. That is then used to send out new targeted phishing attacks where the name is spoofed, but send from another victim of theirs. Pretty effective phishing attack it seems. Took me a bit before I realized what I was looking at as the email seemed to come from that customer. It was only because it was a bit weird that I noticed things being off like that the email address itself was different.
