I have been monitoring this crap for a number of months now and have installed honey pot on a number of site and it works for nearly all but some still get in. The vast majority of these are from .ru and they are relentless in there attacks. In the end I have had to change the settings in admin to limit the form submtions to every 50-60 miniute I did this in incraments of 10min and the attacks reduces in line with the increese in time. Now with the resubmit set to 60 minutes they are down to 3 or 4 per email address per day.
I guess they just give up after a few hours!
From what I have seen on the 4 test sites that have been under attack these are not bots but actual people, they are clearly using some sort of script to generate the user names as they follow a pattern but all the emails used are real and clearly stolen and most are real.
In my sites they all appere to be attacking the customer account form. From what I can tell so far they are attempting to inject scripts into the address fileds.
Why? Who knows I've yet to find a sucsessfull injection! I simply deleat the accounts every so often.