> The phishing email is designed to trick the recipient into clicking on the ‘Change Password’ button. Clicking on this link would direct the victim’s web browser to a link hosted on the URL shortening service Tiny.cc

Truly amazing hacking skills we see here.

Don't play dumb — it rarely works out in your favor. Why would you expect anybody to burn 0-days when all they want is access to an email account?

Sorry, my KGB handler told me to play dumb.