Today I received such an email, and although it looked official and appealing, its purpose was to get me to click on a button or link and provide credentials.
Do not open attachments, click on links, or respond to emails from suspicious or unknown senders. Also be very careful when clicking on links from known sources. Known sources may be infected with a virus, and then unknowingly send you links to malicious websites.
This email came in from a bogus email address with some seemly valid components:
but it should have been wellsfargo.com, but if you missed that, check out the links WITHOUT CLICKING on them.
Hover the mouse icon over a link or button but DO NOT click it. Note: Any link to a financial organization should always be using a secure address https NOT http. as shown below:
There are many websites that can provide additional and more specific details.