Typically, when we provide our email addy to sites we have purchased something from, some of these sites lay aside their ethics and sell your email addy. It's quite a lucrative thing, if they collect hundreds / thousands of email addy's and sell them for a monetary percentage. One never knows exactly who's going to sell your addy to someone else or pass it on to other parties. I've provided my email addy to sites before...and within hours, I begin to get unsolicited emails, notifications and junk from unknown sources. Delete, delete, and delete. Don't even open them.
As to opening an email and getting infected...that's never happened to me. However...NEVER open a link or attachment in ANY email from someone you don't know. I'm sure you know this, so not trying to insult your intelligence...just validating a fact. I never reply to an unsolicited email...that only lets them know your email addy is active and live. The same with unsolicited phone calls. The best thing to do is just delete them without opening them. With technology today, I wouldn't be surprised if hackers can attach 'something' to an email and be activated by just opening it.

I personally don't take that chance.
I'm sure there are IT techs or people much more qualified than me to provide insight & expertise regarding this issue.