← All use cases

Use case · Crypto exchanges

A different email for every exchange. So when one of them is breached, you don't get phishing emails on your real address for the rest of your life.

Sign up. Trade. When the exchange inevitably leaks the customer list, the phishers don't get your real email — they get a dead alias. You don't end up on every 'urgent: verify your wallet' scam list in existence.

The problem

Crypto exchanges leak customer data. Coinbase, Kraken, Binance, Crypto.com — every major exchange has either been breached, had insiders sell customer lists, or been served subpoenas that put your details into databases you never agreed to. The leaked data isn't just embarrassing — it puts a giant target on your head. Phishers know your email belongs to someone with crypto. They send convincing 'urgent verification' emails. The success rate is brutal.

What you do instead

Use a per-exchange alias. The exchange never gets your real address. When the breach happens — and it will, statistically — the leaked address is one you can kill. Phishers send their 'urgent verification' campaigns to a dead inbox. Your real email stays unknown to the entire crypto-phishing supply chain.

coinbase@you.com

Step by step

  1. Generate one alias per exchange.
  2. Use it as the account email. Pair it with a password manager and hardware-key 2FA — aliases are part of a defense-in-depth strategy, not a substitute for 2FA.
  3. When you read about an exchange breach — and you will — kill that exchange's alias. Update your account to a fresh one if you want to keep using the exchange.
  4. Don't reuse the same alias across exchanges. The whole point is that one breach can't poison the rest.

Why this works

  • Crypto-targeted phishing is sophisticated and personal. Phishers buy the leaked exchange customer lists and send pixel-perfect 'security alerts' that fool real engineers. If your address isn't on those lists, you don't see those phishing campaigns.
  • Aliases also help with the unique problem of crypto subpoenas — your address may end up in court filings or government data requests. A unique-per-exchange alias lets you trace which exchange did it, and lets you opt out of any further leakage.
  • When a hardware-wallet vendor or DeFi protocol gets breached, the same logic applies. Use one alias per service. Limit the blast radius.

Ready for crypto exchangesthat don't haunt you?

Generate unlimited aliases. Free forever. No card required.

Create your first alias →

FAQs

Can I still get account-recovery emails through an alias?

Yes — aliases forward mail just like any other address. Password resets, 2FA backup codes, withdrawal confirmations all arrive in your real inbox.

What if the exchange requires me to use my 'real' email for KYC?

They almost never do. KYC needs your government-ID name, address, sometimes a selfie — none of that requires the email to match anything else. The exchange treats the alias as your contact email and that's it.

Should I use an alias for my hot wallet's email recovery?

Use a unique alias, yes. But also use a hardware key, also use a passphrase, also keep your seed phrase offline. Aliases are one layer; they're not a substitute for the others.