As probably all of you, I got an email that was intended as a phishing attack.
The HTML version of the email was pretending to be a Facebook email of a security warning.
The links do lead to Facebook, for an account-switching crafted URL. I get that one.
However, the text version of the email has something like this:
(I redacted out usernames from those addresses.)
Some of those names seem to be related (maybe the same person across multiple domains?). Some others seem generic but on a similar vein (mostly universities).
My question is: what’s the purpose of this "attack"? Clicking on those would trigger my email client to prepare an email for all those addresses. What does an attacker gain out of this?