These spammers are probably using the dictionary attack method where anybody can get one.
Luckily most AV's have the siggy's of the attachments in their data bases, or if not they will soon enough, hopefully.
Dictionary Spam Attack:
(2) An e-mail spamming technique in which the spammer sends out thousands or millions of e-mails with randomly generated addresses using combinations of letters added to known domain names in the hopes of reaching a percentage of actual e-mail addresses. For example, a dictionary attack list might begin with john@webopedia.com, john1@webopedia.com, john2@webopedia.com, and so on until all possible combinations of letters and numbers has been exhausted..