I've been doing this for years. Very few companies have actually sold my address. Federal Express and USAA traded lists for a while.
The largest source of spam is from domain registrations and other public records.
The next largest source is from breaches: Ameritrade (they lost a backup tape), MtGox, and a bunch of small vendors over the years.
One thing that is interesting to note... when I get unwanted mail from a source I recognize, the unsubscribe links both work and do not lead to more mail. (Example, the parking vendor at the local stadium started sending me event newsletters for the stadium... but sending it from themselves, not having shared with the stadium.)
The largest source of spam is from domain registrations and other public records.
The next largest source is from breaches: Ameritrade (they lost a backup tape), MtGox, and a bunch of small vendors over the years.
One thing that is interesting to note... when I get unwanted mail from a source I recognize, the unsubscribe links both work and do not lead to more mail. (Example, the parking vendor at the local stadium started sending me event newsletters for the stadium... but sending it from themselves, not having shared with the stadium.)