I have been getting reports of members being emailed by the site cause they have tried to login several times and not been successful. Each time it happens, the member themselves has not been trying to login. Tracing these login attempts via IP, they appear to becoming from Eastern Europe.
It seems that cause we have really good anti-spam measures installed on the site software, where we block upward of 50-100 attempted spam registrations an hour, that the spammers are now trying a new trick. Using member accounts to try and get in, with password guessing. Once they try to guess a password 5 times, it locks their IP out, and the site emails the address attached to the account to advise them of the attempted logins.
So if you get an email about attempted logins and passwords being incorrect, it is most likely an Eastern European spammer trying to gain access to the site by guessing an existing member's password.
As long as you have a good strong password, the chances of them guessing it are very very very slim. But if your password is..password.. or .. abcde, or your password is the same as your username, then you risk spammers accessing your account.