This isn't true at all. jsmith+coinbase@gmail.com can be easily guessed by someone doing a spearphishing attack, either directly against you or indirectly against you using a vendor. Read this to see a real world example:

http://www.wired.com/2012/08/apple-amazon-mat-honan-hacking/

If the person who was hacked in that article had a unique email address at Amazon like mnmnmnmnmnmnmn696969696969@gmail.com then the attacker wouldn't have had any place to start the conversation with Amazon over the phone. Security by obscurity isn't perfect, but in many cases it does put up enough roadblocks to make someone give up.

If you use your technique, someone can also send you a spearphishing email purporting to come from any vendor that might fool you. On the other hand, if you get an email from Amazon to your Coinbase account it will be readily apparent it's fake.