Yes, I remember reporting a user some years back (not related to hacktoberfest) - the PR I got looked good until I looked up their account and found too many PRs (some of which didn't make a sense to the repo it was submitted) along with a link to their product. GitHub took action, said it was indeed spammy and thanked for reporting.
First time hearing about GitHub not ignoring a spam report.
Me and other maintainers of a project have reported a dozen users making obvious junk PR and issues containing few random words and all other activity similar random junk. GitHub did nothing, no response beside automatically generated one, spam accounts still there. The spam came in waves 3-6 within an hour, with only option temporary block all external contributions from non team members. After getting temporary blocked the spam reapers few months later. I assume that's some kind of fake account farming.
May be things have changed now that GitHub is much bigger than it was few years back? Account farming and/or whatever else, this will be ever changing cat and mouse chase. Which means plenty of custom settings and rules and stuff, making it difficult for genuine contributors.
