My e-mail servers are being hit about 1,000 times a week with robots trying various username and password combinations. This is quite normal given the uncontrolled criminality we see online nowadays.
There are many that are clearly working their way through a dictionary of known combinations, such as default passwords or idiotic ones such as 123456789. However a significant number come from my personal e-mail accounts known to have been stolen in the past.
An interesting exercise is to see what happens if I publish something online, such as this: Contact Support.
Whatever you do, don’t use that address as at some point you’re going to get your server blacklisted. This is purely for research. Let’s see where it goes.
Edit: 2024-04-12
I can confirm following a very short analysis that these passwords are being derived from at least three sources known to have suffered a data breach. Namely Pooleys, Property News and LinkedIn. The original password is being altered slightly, such as casing and they are appending the year, for example, password2017.
It’s a massive attack each from a different IP address suggesting they are running a massive botnet to do this distributed attack.