Something you can do is instead of using the company-name@ use some-hsyh2-code@, and then just keep a txt file of those codes so you know who they belong to. It makes it less obvious they are being sold as no doubt spammers will remove emails that contain the company name they are breached from…
1 Like