As others in the comments said - Stack Overflow isn't a bank. We don't need to have the kind of security that a bank does.
Additionally (also mentioned in comments), there is a trade off between making something secure and making it easy to use.
In this case, we have chosen on the side of usability. In the worst case, we are leaking that someone is using the Stack Exchange network with that email address.
