With such degree of character's reuse you must trust the attackers are not the admins of a site where you use those password, because they can look at the cleartext entered on the keyboard. Obviously this is still an improvement over using the same password123 for every single site but those nasty admins could easily check if a password ends with characters matching their domain. Then all the schema falls apart.