Is Apple looking into this?: Apple ID phishing text — Here we go again!

You can check what data breaches your email address may have been exposed to here:

https://haveibeenpwned.com

There is no single source where these emails come from and the sending address is just spoofed so they are not identifiable. With most scam emails, they don't even originate in the US and are come from regions where the Government does not even have authority. Blocking one sending address does not prevent it from coming from another.

Scammers are also sending out these emails thousands at a time also by generating email addresses. It makes no difference to them if they are valid email addresses as they are just bounced back and ignored by them. The number you see in the email to call has changed multiple times and is also an untraceable VOIP number, so even if one can be shut down, it is easy to create another and each scammer can also use their own number.

If this is the only scam email you have received, then you should feel very lucky. As with any scam email, the user just has to follow a few simply tips to avoid any problem. Never call a number or click a link in any message and provide personal information. It is that simple! There are always reliable methods to communicate with the actual source through known contacts. For example, if you get a message claiming to be from your bank, you should have their contact information to respond to anything in an email instead of relying on any number you find there.

For additional tips, you can look here:

Recognize and avoid social engineering schemes including phishing messages, phony support calls, and other scams - Apple Support

Marubi wrote:

But I’d like to know, specifically, how Apple has looked into this? Are the scammers getting lists from hacking Apple sources, like this website I’m posting on?

Apple is not a law enforcement agency. They don't investigate things like that.

The scammers are using computer programs to auto-generate numbers. They don't need to get them from anywhere.

You also don't need to change your Apple Account password just because you receive a scam messages. You'd only need to change it if you'd actually given the scammer your information.

Marubi wrote:

And, as I scroll through previous entries, this has been going on FOR YEARS.

Which tells me, tons of folks have had this problem, reported the text as junk, changed their Apple ID password, and moved on.

Yes, it has been going on for years, for everyone who can receive texts or email on any device. It isn’t unique to Apple. If you have an Android with a Gmail address it will just say “your Gmail account was used in the Google store”.

Marubi wrote:

But I’d like to know, specifically, how Apple has looked into this? Are the scammers getting lists from hacking Apple sources, like this website I’m posting on?

[Edited by Moderator]

They are not. Thousands if not millions of such scam emails get sent everyday. It's physically impossible for Apple to look into it. More so, they are not as mentioned a law enforcement agency. They have no way of finding or preventing these scams. Most of these are automated, so there is no physical person sending these emails it's a computer. The computer might not even be anywhere near the actual scammer running it.

Emails can be obtained from many sources, least likely of which is anything from Apple as they are known to be highly secure in that regard, but other entities where you may enter your email address cannot say the same thing and places like Target Stores, Bank of America etc... in the US and many many others have had there data breached and exposed users e-mails.

You can forward the email to reportphishing@apple.com and they can then look into that specific source, and usually ban, and restrict the address and IPs its coming from, but with millions of these from many many places around the world, there are always new scams and phishing attempts coming up.

Just getting an email does not mean your account has been hacked, merely that they have found your address or have been able to generate it. Unless you give your details to the scammer by clicking on a link or calling a number in the message and actually engaging with them, they don't have any of your information beyond your email address.

Just block the sender and send the email to the junk folder. The mail app will lear and prevent these types of emails from being seen in your inbox eventually.