There are a few threads around about this, over the last weeks, months and years. Probably stems back to a data breach years ago, and spammers will have harvested addresses from other sources as Browni has noted. Plusnet largely seem to distance themselves from the issue, claiming that the service mailing list management was delegated to a third party and it's them who had the data breach or sold our addresses on to scammers. Either way, it's likely to have been ages ago it happened, impossible to trace and zip chance of doing anything about it now.