I haven't seen this be an issue on any of our websites for a long time. I guess it's because of how we deploy websites now. Some of the things we do to mitigate this include:
- Change the names and create custom versions of the register and login pages.
- Add RECAPTCHA to the registration page (only as a last resort).
- Use non-Core options for the registration and login forms (e.g., Live Forms).
- Put the website behind a CDN (e.g., CloudFlare, Incapsula, etc.).