It’s odd that they would have limited knowledge of English yet understand the prestige of Cambridge, be able to create genuine looking linkedin pages and target the attack so well. If you’re going to that much trouble running a spell checker over he email would seem like a reasonable step?

Most likely it’s a deliberate attempt to target people who are excited enough by the email to not notice the grammar.

Foreign language speakers aren't stupid. You can Google "famous school England" in any language.

There's no "second step" to this con. You don't have to get tricked into wiring them money. If you visit the page, you lose.

Exactly, they’re not stupid. So you’d expect them to use a spell checker if they intended for the attack to have a high success rate on English speakers.

There may have been a second step for the attackers goals after the zero day, e.g. ransomware or some other social engineering

A spell checker still doesn't detect faulty grammar.

A sufficiently good one does, grammarly being the most well-known example I'm aware of.