often times harvested from mail client files of someone's compromised computer
Agreed, but, these are unpublished e-mail addresses. There are only three places they exist. My desktop, a search engine account, and the ISP. I am as certain as I can be that my mail client is all clear, so they must have been scraped from one of the other two sources.