I've seen a definite uptick in these
Had a few land in my spam folder this week.
They all use the same throwaway password I only use on websites that insist on registration but hold no other information beyond an email address, password and login name.
Honestly though, I guess I fall into the lucky-enough-not-to-care bracket, although I do understand there are poor souls for whom such a threat must be awful.
It's clever though, when you think about it - pull an email address and password out of one of the large files of them out there and spam away. The addition of the password adds a certain level of believe-ability that would otherwise be missing and I can see how it would fool a lot of people.