At the moment every Matomo user could change their E-Mail address to everything they want without any verification (apart from syntax, see https://github.com/matomo-org/matomo/issues/11796). This allows every Matomo user to send an unlimited amount of (for them) SPAM E-Mails to anyone without them ever opting in to receiving them.
When someone tries to change their email address (after confirming their password; https://github.com/matomo-org/matomo/issues/2932) the change should only be saved if the user was able to confirm an link in a sent mail.
In addition an email should be sent to the old email address informing them that they are loosing access to the account (and to inform an admin if they don't know about the change)
Slightly refs https://github.com/matomo-org/matomo/issues/13321 :)