The Lounge is rated Safe For Work. If you're about to post something inappropriate for a shared office environment, then don't post it. No ads, no abuse, and no programming questions. Trolling, (political, climate, religious or whatever) will result in your account being removed.
When I sign up to a site that requires a password, I generally use a unique email address. (I own my domain name so can have unlimited email addresses; there's a catch-all that routes non-existent addresses to my "real" mailbox, but retains the original "to" address. This way if I get spam addressed to "codeproject@[mydomain]" I can be pretty certain that it was CP that leaked my details / sold my address (for instance).
The only pain is if, when contacting them for any reason, they insist on having a sending address that matches what you signed up with. But they're few and far between.
Who'd fall for the Nigerian prince?
Who'd fall for the last remaining relative?
Who'd fall for the lottery winner?
Who'd fall for the virus on your computer?
Who'd fall for the naughty pictures they somehow have of you?
Sadly, plenty of people, or they'd stop doing it
In fact, an IT manager at a very high profile customer fell for it a few years back, got his computer locked
If IT managers fall for it (and I don't think the good ones will), the less IT inclined will certainly fall for it.