In a simple example of something that could cause a lot of problems in your PHP script (and server's) life, this new post sheds some light on email header injection in PHP.
However, the problem isn't necessarily that they are attempting to use the contact forms. The problem that exists is that the average coder with little or no understanding of security issues can create a contact form for their website which can act as an open invitation to spammers.
It has become apparent that spammers are getting even more smarter than we take them for. Rather than abuse open relays, which are almost non-existent, these scum-of-the-earth 'traders' are now abusing contact forms.