The email Tom got was sent via the site’s “contact form”. This is the html form used to contact people on the “contacts” page without using an email client.
It means another bot/idiot has found the pcaucr.org site.
One solution to this would be to implement captcha or similar to prevent bots from accessing the form. I’ve always hated captcha so I had resisted implementing it. What I have done now is to make it necessary to logon to access the “contact form”. The form now can still be misused, but only by UCR members.