I think Facebook knows this very well. They closed a discussion thread on this that’s over a year old, and you can’t start a new thread — Facebook will say the answer already exists.
Their help documentation is incorrect:
If you try to do this you’ll be told the email is claimed, there’s no way to reclaim. You can use a password reset to lock the other person’s out of their account (assuming you don’t know the attacker’s password) but you will still be unable to reclaim your email address. (In my wife’s case Facebook messages were being set to her spam folder, so she probably missed the notification that the email address was being used.
We ran into the same problem with Skype, but there it is possible to take the account back.
Update: this is a very old problem - 2012. The abuse page links simply redirects to the email notifications that doesn’t belong to me page where the advice doesn’t work. I’ve tried Facebook’s “report a problem” page but I’m not optimistic:
I found another Facebook page for this issue that has a different workflow:
It at least does not fail immediately.
Or, you can pretend you don’t already have a Facebook account. Use an incognito window and try this one:
Looks like every Facebook engineer has their own independent process…