Email attacks-spam through wordpress email.

Hi I have two wordpress sites and both get a fair share of spam attempts and logins from around the world. (Why are people so destructful?) Anyway I have wordfence installed and of course it updates using the wordpress email wordpress@mysitedotcom It’s this email they are using to try to gain entry to my site, I know because within wordfence emails it says user such and such ip address area has been locked out from login in with unverified login details. I’ve set wordfence to one attempt then ban for 60 days (the highest setting). Fair enough it’s doing its job, thanks makers of wordfence. But is their a way of getiing rid of the standard wordpress email that will stop these attempts in the first place please anyone. As todays spam count for one site stands at 194. I asked my host company and they said it must be a plugin I’m using. These site are directories so I need to have anyone can register on. (Though right now I’ve turned it off yet still this is happening. Obviously my concern is one might succeed. Thanks.
p.s. only been a wordpress user for the past three months so might be missing something straight forward, I apologise now for my ignorance if that’s the case.