Something similar has been done trying to deanonymize wallet owners. It's called a "dusting attack". In theory you can protect yourself by manually choosing which outputs to spend when you're building a transaction.