Pretty much what Learn Bitcoin said. The problem isn't the phishing attack per se; I mean, it really sucks if someone fell for that, but they can't have missed the many warnings. (If I recall correctly, once the seed is generated, it displays a "Never share it with anyone" message)

The problem is, for once more, the data the hacker possesses right now. That email and name list will sooner or later be sold at Breached or some other corner of the darknet, and there will be victims.