They hacked into Cryptsy's servers and the phishing emails are coming from Cryptsy's actual email. Also people are getting the phishing link sent to them via SMS/text message to the phone numbers that they have listed for Cryptsy's 2FA.
The truth was this
Cryptsy has had problems for some time now and it’s time to let everybody know exactly why. These problems were NOT because of any recent phishing attacks, or even a ddos attack, nor does it have anything to do with me personally.
About a year and a half ago, we were alerted in the early AM of a reduction in our safe/cold wallet balances of Bitcoin and Litecoin, as well as a couple other smaller cryptocurrencies.
The full article you can read from here,
http://blog.cryptsy.com/