As users have pointed out, spammers would have to get very lucky to guess such an email address, or the user email list was compromised.
Dropbox and users have suggested this might be part of last year’s breach, but users who registered after said breach have reported receiving messages.
This is as good a time as ever to mention security and online awareness. If you were utilizing an email address that you use for your consignment store and you signed-up for Dropbox with it, a spam email with a phishing link or other attack could find its way into your business systems.
Just be vigilant when it comes to the messages you receive and always think twice before opening messages or clicking links.