How do I know this is happening?
I'm using a free plugin that emails me when it soemone tries to break in. Not only that I can limit the amount of times they can try to login and I can determine how long they will be locked out.
I've tried a bunch of paid plugins and many of them work but but this one if free so I thought I would pass it along. Even if it's the only security pluging you use it will help you.
I hope this helps.
WordPress › Limit Login Attempts « WordPress Plugins