You are right not to click the link - it is probably a phishing attack.

Some ways to tell are...

1. Is the email started Dear customer, or Dear Mr/Ms XXXXXX - symatec will know your name and will personalise it to you specific not generically.

2. Look at the from address, you should be able to see from the display name the actuaul email address it came from - does this look like a reasonable symantec address or does it look like something else. This is not always accurate but can give an indicaton.

3. The link provided - if you copy that into notepad what does it look like. Does it go to a symantec site.

4. Does the link have a load of jumbled up characters after it - if so this could be used as a method when clicked on to verify your email address as one that exists to send more spam.

I would not open it and would just carry on using the update mechanism within Symantec itself - this is the intended update mechanism.

Cheers