Look at the context of the email he received.

It's a lie to get him onto the site and to start scrolling. In that context, skipping the login is pretty dirty.

because though we know BigCo know too much about us nore than ourselves, revealling that ugly fact so frontally is tasteless.

If they had forwarded that mail to someone else--"Hey look! Someone mentioned me on facebook!"--then that second person could have logged into the first person's account with a single tap.

It's scummy and terribly insecure to pass around someone else's credentials via email.

That was my first thought. This can go downhill pretty quickly. Nobody suspects that you expose your account with a link to a mention.