I'm not a cryptocurrency expert unfortunately... but receiving some random very small amounts of eth and btc is/was a known strategy to try to deanonymize users, as far as I remember. A so-called known deanonymization attack.
What amounts are we talking about here ? only very few dollars worth of ether back at that specific time of the transaction ?
It could be anything, in general... maybe even a friend of you that you gave your address to play around with or some tests that you performed yourself or a withdrawal from an cryptocurrency exchange/platform/website etc.
The other problem is, that several user situations are quite different ... for instance you are stating that you had a wallet on a website... I guess it also depends on whether you "imported" this wallet or if you just sent your funds from that website wallet directly to your very independent wallet created with Mist etc etc etc
I think you shouldn't worry about small incoming transactions... it's much more important that there are no outgoing transactions (that would be horrible because it would mean that somebody has unlocked your account somehow and has access to the private key, the decrypted/unlocked keystore file). Again, this would be only true if you can see some outgoing transactions, the other way around i.e. receiving some funds could be done by anybody... and you might not even be "targetted', it could just be some folks trying to sent some small amount to some random and old accounts and try to see if the users somehow are still able to unlock their account and "use" this new funds and this old account etc...
again, I'm not a cryptocurrency expert and not sure if this attempt for a de-anonymization "attack" is even possible or meaningful within the ethereum network.... I just remember that some similar attempts of deanonymization were tried back then and this type of dusting attack was actually quite an obvious and wide-spread attempt and some users only made some transactions after they received some (even very very small) funds because of this trigger (a new incoming transaction).
What amounts are we talking about here ? only very few dollars worth of ether back at that specific time of the transaction ?
It could be anything, in general... maybe even a friend of you that you gave your address to play around with or some tests that you performed yourself or a withdrawal from an cryptocurrency exchange/platform/website etc.
The other problem is, that several user situations are quite different ... for instance you are stating that you had a wallet on a website... I guess it also depends on whether you "imported" this wallet or if you just sent your funds from that website wallet directly to your very independent wallet created with Mist etc etc etc
I think you shouldn't worry about small incoming transactions... it's much more important that there are no outgoing transactions (that would be horrible because it would mean that somebody has unlocked your account somehow and has access to the private key, the decrypted/unlocked keystore file). Again, this would be only true if you can see some outgoing transactions, the other way around i.e. receiving some funds could be done by anybody... and you might not even be "targetted', it could just be some folks trying to sent some small amount to some random and old accounts and try to see if the users somehow are still able to unlock their account and "use" this new funds and this old account etc...
again, I'm not a cryptocurrency expert and not sure if this attempt for a de-anonymization "attack" is even possible or meaningful within the ethereum network.... I just remember that some similar attempts of deanonymization were tried back then and this type of dusting attack was actually quite an obvious and wide-spread attempt and some users only made some transactions after they received some (even very very small) funds because of this trigger (a new incoming transaction).