Did anything look out of the ordinary? Did you recognize the senders address? Was it similar but not the same as an offical email?
GitHub <noreply@github-alert.com>
Did you look at the link by hovering over it with the mouse?
If you ever think that an email is suspicous it is better to err on the side of caution. Forward it to security@reach5.co