but how did they got my mail address? I never ordered something from bitmain-alliance? 
It doesn't matter even if you ordered on their site or not, as long as they've got your email address they will send whatever they want, of course with the sole purpose of scamming.
Unfortunately it'll be hard determine the exact reason on why they got a hold of your email but I can think of some possibilities such as:
- Mass buying illegally
- Getting from a site where some emails are publicly displayed e.g. facebook, forums, whois etc.
- Database leak
- Or just randomly sent
Essentially, you should be fine as long as you ignore any unfamiliar emails but it wouldn't hurt to do some kind of precautionary measures such as to stop entering your email publicly as much as possible tho most sites today has an option where you can hide it. Second, Dont use any easy to guess email addresses. Lastly, setting a separate email for personal use, work use etc..as it actually depends on what you do. As for me I use 4: a). Personal b). Crypto Services (NO ICO) c). For 50-50 trust sites - it means I'm expecting to be spammed and if I had to display an email publicly, I use this d). My Spare one
