I have received the following email this morning. Can someone please confirm whether it is legit:

Subject: Security Incident Involving Your Norton Account

Dear Norton Customer,

We are writing to inform you that we recently noticed suspicious activity on your Norton Account that suggests someone other than you may have logged in. For maximum security and as a safety best practice, we have disabled your password. Please note that, though your password has been disabled, your Norton product/s will continue to work.

To reset your password, please go to the Norton Account "Forgot your Password" page or to https://account.norton.com, click "Sign In" then click "Forgot your password? Recover it here". We strongly recommend choosing a complex password that is hard to guess, and that you change this password regularly.

Your Norton Account does not display your full credit card number, nor store or collect social security numbers. Examples of personal data that might be seen in your Norton Account include your name, billing address, the last 4 digits of your credit card and expiration date, and your Norton product license keys.

If you use a similar password across multiple accounts, you should consider changing those passwords as well.

Visit the Norton Support Frequently Asked Questions page for answers to additional questions.

Thank you for your attention,

Norton 

To view this message as a web page, click here.

Alarm bells started ringing because the stated URL's do not match the underlying hyperlinks.

https://account.norton.com leads to https://response.nortonfromsymantec.com - likewise with the other links.

Thanks for your time.