I don't think this is unique to NameCheap, I've gotten both metamask and DHL emails from other lists I'm on, I assume from the same threat actor. I would assume that they're opportunistically using whatever mailing list they can gain access to.
They're actually pretty common, just like there are tons of metamask phishers on twitter. Those are just popular vectors because they're fairly broadly effective. Preventing spam and phishing like this is unfortunately a pretty big part of the job for anyone in the business of sending email. (source: engineering manager at a marketing platform)
