In the past several months, there has been an uptick in email accounts being compromised and used to send spam. To increase the security of your account, there are two measures every email user should take immediately:
My best guess as to why spammers are targeting accounts with weak passwords is that it is the most reliably way to send spam. The leading email service providers have significantly increased the barriers to email forgery, a favorite tactic of spammers. The widespread adoption of SPF and DKIM have helped, and the adoption of DMARC is helping further. When mail servers deploy these technologies, they reject over 99% of phishing, cousin domains, and other types of email forgery.
Because it's increasingly difficult to steal the identity of popular domains in their spam, and because spammers often control botnets with thousands of hijacked computers, it is economical for them to use botnets to crack passwords and send spam using legitimate email accounts.