Mar 04, 2026 · 5 min read

Researchers Just Proved AI Can Unmask Anonymous Users for $4 a Person

A team from ETH Zurich and Anthropic demonstrated that large language models can link pseudonymous accounts to real identities at scale, with a total experiment cost under $2,000.

If you post on Reddit, Hacker News, or any forum under a pseudonym, you may be assuming a level of anonymity that no longer exists. Researchers from ETH Zurich and Anthropic have built an automated system that uses large language models to match anonymous online accounts to real identities with 67% accuracy, at a cost of just one to four dollars per person.

The research paper, published in late February 2026, tested the system against nearly 1,000 Hacker News profiles, almost 10,000 Reddit users, and anonymized interview transcripts. The results suggest that the "practical obscurity" protecting pseudonymous users online has collapsed.

How the Attack Works

The researchers built a four-stage pipeline they call ESRC: Extract, Search, Reason, and Calibrate. Each stage uses large language models to progressively narrow a target's real identity down from millions of possible candidates.

Extract: The LLM reads a user's posts, comments, and biographies, then summarizes them into a biographical profile capturing demographics, professional details, interests, and any disclosed personal information.

Search: Semantic embeddings convert these profiles into mathematical representations, enabling efficient nearest neighbor searches across millions of candidate profiles on other platforms.
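The Search stage can be sketched as a nearest-neighbor lookup over embedding vectors. This is a minimal illustration only: the 3-dimensional vectors and candidate names are invented, whereas a real system would use high-dimensional embeddings produced by an embedding model over millions of profiles.

```python
import math

def cosine(u, v):
    """Cosine similarity between two equal-length vectors."""
    dot = sum(a * b for a, b in zip(u, v))
    norm = math.sqrt(sum(a * a for a in u)) * math.sqrt(sum(b * b for b in v))
    return dot / norm

# Embedding of the anonymous account's extracted biographical profile.
query = [0.9, 0.1, 0.3]

# Embeddings of candidate real-identity profiles on another platform
# (toy values for illustration).
candidates = {
    "candidate_a": [0.8, 0.2, 0.4],
    "candidate_b": [0.1, 0.9, 0.2],
    "candidate_c": [0.2, 0.3, 0.9],
}

# Rank candidates by similarity; only the top few are passed on
# to the more expensive Reason stage.
ranked = sorted(candidates, key=lambda name: cosine(query, candidates[name]),
                reverse=True)
print(ranked[0])  # candidate_a is nearest to the query
```

In practice the cost savings come from this step: exhaustive LLM comparison against every candidate would be prohibitively expensive, while vector search prunes the pool cheaply.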

Reason: The LLM examines the top candidates using extended reasoning to verify whether the anonymous account and a real identity profile belong to the same person, weighing overlapping details and inconsistencies.

Calibrate: A confidence scoring system adjusts precision and recall tradeoffs, allowing the attacker to choose how certain they need to be before declaring a match.
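The Calibrate stage amounts to sweeping a confidence threshold over the Reason stage's scores and choosing the precision/recall operating point you want. The scores and ground-truth labels below are invented purely to show the mechanics.

```python
# (score the Reason stage assigned, whether the pair is a true match)
scored_pairs = [
    (0.95, True), (0.90, True), (0.85, False), (0.80, True),
    (0.60, False), (0.55, True), (0.30, False), (0.20, False),
]

def precision_recall(pairs, threshold):
    """Precision and recall if we declare a match above `threshold`."""
    predicted = [truth for score, truth in pairs if score >= threshold]
    true_positives = sum(predicted)
    total_true = sum(truth for _, truth in pairs)
    precision = true_positives / len(predicted) if predicted else 1.0
    recall = true_positives / total_true
    return precision, recall

# A strict threshold buys high precision at the cost of recall...
print(precision_recall(scored_pairs, 0.9))  # (1.0, 0.5)
# ...while a lax threshold recovers every match but admits errors.
print(precision_recall(scored_pairs, 0.5))
```

This is why the paper can report numbers like "45% recall at 99% precision": the attacker simply picks the threshold matching how certain they need to be.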

The Numbers

The system's performance varied across platforms but remained surprisingly effective throughout:

  • Hacker News to LinkedIn: 226 of 338 users correctly identified, a 67% success rate with 90% precision
  • Reddit cross community matching: Up to 45% recall at 99% precision
  • Anonymized interview transcripts: 9 of 33 scientists identified at 82% precision
  • Temporal Reddit splits: Up to 35% recall when extrapolated to one million candidates

For context, classical deanonymization methods adapted from the Netflix Prize attack achieved just 0.1% recall at 90% precision on the same datasets. The LLM approach represents a 450-fold improvement in recall.
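The 450-fold figure follows directly from the recall numbers, comparing the pipeline's best Reddit result against the classical baseline:

```python
# Recall of the LLM pipeline's best Reddit result vs. the classical
# Netflix Prize-style baseline reported in the paper.
llm_recall = 0.45        # 45% recall
baseline_recall = 0.001  # 0.1% recall

improvement = llm_recall / baseline_recall
print(round(improvement))  # 450
```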

The entire experiment cost less than $2,000. Individual identifications ran between one and four dollars each.

Why This Changes Everything

Skilled investigators have always been able to connect pseudonymous accounts to real identities through manual analysis. What makes this research different is scale and cost. As lead researcher Simon Lermen noted, "LLMs are not discovering hidden secrets; they are automating what skilled investigators could already do manually."

At four dollars per identification, deanonymization is now accessible to any moderately resourced adversary. A government agency, a corporation, or even a determined individual could unmask a single target for less than the price of a coffee, or thousands of pseudonymous users for a few thousand dollars. The researchers specifically highlighted the risks to journalists, activists, whistleblowers, and anyone who relies on pseudonymity for safety.

The attack works on unstructured text, which means it does not require structured databases or metadata. Forum posts, comments, interview transcripts, and biographies all contain enough identity signals for the system to work.

Who Is at Risk

The researchers outlined several categories of potential misuse:

  • Government surveillance: Authoritarian regimes could use this to identify journalists and activists posting under pseudonyms
  • Corporate profiling: Companies could mine forums to build advertising profiles tied to real identities
  • Social engineering: Attackers could construct detailed personal profiles from forum activity to craft targeted phishing attacks
  • Doxxing at scale: Harassment campaigns could be automated against pseudonymous users across multiple platforms

What You Can Do

The researchers offered several defensive recommendations, though they acknowledged that none are foolproof:

  • Avoid posting identifying details like employers, specific projects, or geographic locations across multiple platforms
  • Compartmentalize your online identities. Do not reuse writing styles, interests, or biographical details across pseudonymous accounts
  • Recognize that combinations of seemingly innocuous details create unique fingerprints. Mentioning your city, profession, and a hobby together may be enough to identify you
  • Before posting, consider whether a team of skilled investigators could figure out who you are from your collective posts
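The fingerprinting point above is just multiplication: each detail you mention divides the pool of people you could be. A back-of-envelope sketch, with population and frequency figures invented purely for illustration:

```python
# How innocuous details compound into a near-unique fingerprint.
# All shares below are hypothetical illustration values.
city_population = 500_000
profession_share = 0.01  # say ~1% of residents share your profession
hobby_share = 0.05       # ~5% of them practice your niche hobby
employer_share = 0.02    # ~2% of those work at your employer

candidates = (city_population * profession_share
              * hobby_share * employer_share)
print(round(candidates))  # only a handful of people fit all four details
```

Under these made-up numbers, four casual mentions shrink half a million people to a candidate pool of about five.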

The fundamental takeaway from this research is stark: pseudonymity alone no longer provides reliable privacy protection. Anyone who needs genuine anonymity must actively manage what they share and assume that their posts can be linked across platforms by automated systems.