Unveiling the Leak: How Gmail’s ‘+’ Feature Exposes the Source of Your Data Breach!

Wilson Chua
2 min readJan 15, 2024


How can you identify which online service leaked your personal data? If you used the SAME emails with different online services, it may be hard to pin it down. However, I recently saw this Youtube video (https://www.youtube.com/watch?v=Ma6i510nPo4&t=327s) by Tasia Custode.

She shared how we can create additional unique emails using Gmail’s ‘+’ feature. This is not only convenient but we can also turn this into valuable tool for TRACKING the SOURCE of breaches/leaks/compromises of personal identifiable details.

The Gmail ‘+’ Feature: A Hidden Gem

Gmail’s ‘+’ feature is a little-known but powerful tool that allows users to create multiple variations of their email address while maintaining a single inbox. By adding a ‘+’ symbol followed by any word or combination of characters to your Gmail address, you can create seemingly distinct email addresses that all funnel into your primary inbox.

For example:
- YourEmail+neflix@gmail.com
- YourEmail+manilabulletin@gmail.com
- YourEmail+disney@gmail.com

Despite the variations, all emails will be delivered to YourEmail@gmail.com, making it an excellent way to categorize and filter incoming messages.

Tracking Breaches and Compromises

One of the lesser-known benefits of using the ‘+’ feature is its potential to help identify the source of a breach or compromised personal information. By using different variations of your email address when signing up for online services or newsletters, you can trace the origin of unsolicited emails or suspicious activities to a specific source.

For instance, if you start receiving spam emails at YourEmail+netflix@gmail.com, it becomes clear that the compromise likely originated from Netflix. This information is invaluable when assessing the security of various online accounts and taking prompt action to secure them.

Netflix can’t use the excuse that your Personal details could have been compromised SOMEWHERE else. Clearly, this email is used ONLY with NETFLIX. Also, if telemarketers suddenly send you unsolicited spam, then you now know that NETFLIX sold your personal data to 3rd parties as well.

Strengthening Online Security

Implementing this strategy not only enhances your ability to pinpoint potential breaches but also strengthens your overall online security. By creating dedicated email addresses for different purposes, you minimize the impact of a potential compromise. Even if one account is breached, the others remain unaffected, reducing the risk of unauthorized access to critical accounts like banking or social media.

If you find this useful and helpful:
Share this insightful guide with your friends and family to empower them with a proactive approach to email security. Together, let’s build a safer digital environment. #EmailSecurity #CyberAware