For some reason hackers are always looking for a way in, a way to disrupt business, bring down your site or generally cause you problems. Just recently we've received a few complaints from our clients about receiving spammy messages via their contact us pages, or other form submission pages. To be honest, there's not a lot we can do to stop this, if they're all coming from the same IP address you can try and block it (here's a guide for that actually) but they don't always come from the same IP sadly (looking at the access logs will tell you where the traffic is coming from, here's that guide).
The easiest way of stopping this kind of behaviour dead is to add a reCAPTCHA to all the forms on your site. I know that it's annoying when you want to fill in a form and then have to prove that you're human but there's a reason why it's there... to stop these requests from happening. We can't tell you how, it's not that it's a secret, but that it's all done through the CMS. Most CMS' will have a built in facility to add a reCAPTCHA on to any page. If you're not sure how to do it then have a chat to your developer, they'll be able to help you.