You know how we’re constantly reminded not to click on links in emails from “people we don’t know” and never provide personal information?
I’m certain this email came from a physician I’m about to see, but, with a concealed URL like that, somehow I just can’t bring myself to Get started like this:
Remember, I’m in the US and *.co links are typically “foreign”, so they are going out of their way to look sketchy. I replaced several characters in the URL to make it invalid, but it closely resembles the original.
Of course, everything is outsourced these days, so the physician and her staff have nothing to do with the scheduling and patient information group, so they will have no idea what’s going on or be able to do anything about it.
The Smell of Molten Projects in the Morning 
Most human farming entities within the medical-industrial complex operate in the online space via portals like MyChart which provide some degree of security theater. They do not generate emails like the one above that scream phishing. Assuming this is malicious, the real question is how did the attacker know who your new provider is going to be?
“I don’t drive” [as far as you know and it would be none of your damn business if I did].
I seem to be lucky; whenever I’ve had to see a new doc, it was either face-to-face or had a very clear URL for the data. The latter example did not need me to email photos of anything; that was done prior to the designated appointment time.
There’s an advantage to living in a low-tech town. [grin]
“Only the Paranoid Survive”
— Andrew S. Grove