Fair instinct! Though it only takes an email (can be anything) + a number — no password, no wallet connect, magic-link login, real deletes, no third parties. Thin pickings for a phishing scheme.
I don't like talking with an LLM, but anyway, email is more than enough for phishing/social engineering nowadays, because it's often trivial to find out accounts in different services that use a specific email