Have they also factored in the age of the e-mail accounts? Were they all the same age?

Then there are the known domains. Do established domains get more USCE because of spam dictionaries working just on them? It's almost certain webmaster, info, and so on at any domain are surefire spam targets.

Is there is commonality about the names that start with a particular letter? Mc, Mac, and so on?

Personally, I find a study like this to be almost pointless, as the results are always going to come into question.

This may be reaching:

What is really needed is some form of node authentication that ISPs recognize, whereby the unauthenticated mass mailings would be dropped on the first bounce while genuine mass mailings would be allowed to complete their trip. The added CPU load at that point would greatly reduce the huge loads that are spread around the network. All a company need do is register their domain and encode their mailings with an id linked to that domain.