That thing where they claim the username/password combo is wrong?
That sounds like a really good idea if the site thinks the reason they're a lot of different lock-on attemps from that one ip is because its a hacker with a list of stolen credentials.
Basically just tell them their list is fake and "go away and stop bothering our customers, please."