In general these numbers are dialed at random using software. But I do believe some of these operations obtain basic information from companies and organizations that people have some connection to. A prime example is AARP. Their privacy policy states they do share information with third parties. I think this information goes from one source to another and so forth. At some point it falls into the wrong hands. I think the same could be true with other companies and organizations.