I have received hundreds of these spam password reset emails the past two weeks. Just as @clareswindlehurst said, the subject line includes my site name, and the username in the email is mine, but the domain is not. This weekend alone I received 54 of these emails. Is there any way to stop this? Other members of my team are receiving them as well, and it’s really disruptive and cluttering up our inboxes.
Here are some of the domains listed in the emails (none of which I’ve heard of before now):
https://longrun.com/blog/
https://mybiznetsite.com/blog/
https://www.plus.org.au/blog/
