Criminals are getting very good at imitating Apple messages and sometimes the only indication in an email is very subtle. Have a look at this thread. Someone registered an Apple ID with my em… - Apple Community It can be very hard to tell from an email alone if it is authentic. The best way to check is to use an independent way through Apple's own resources to confirm what the communication claims. Scams (e-mail, text messages, and phone calls) are getting very good at closely imitating true Apple communications. Always be cautious. These support articles have some guidelines:
About identifying legitimate emails from the App Store and iTunes Store --> Identify legitimate emails from the App Store or iTunes Store - Apple Support
Recognize and avoid social engineering schemes including phishing messages, phony support calls, and other scams - Recognize and avoid social engineering schemes including phishing messages, phony support calls, and other scams - Apple Support
Avoid scams when you use Apple Cash --> Avoid scams when you use Apple Cash - Apple Support
About Gift Card Scams --> About Gift Card Scams - Official Apple Support
If you are uncertain about a message and a resource provided in that message, do not click on any links in the message. Try to use an Apple resource you know is valid to independently verify what the message is claiming. Go to a support article page on apple.com and use the instructions in the article to verify though Apple itself, or use an Apple device feature such as Settings or an Apple app. To ask Apple start at this web page: Official Apple Support If you wish to investigate links, this post by contributor MrHoffman describes how you can do that —> "Keep your Apple Account safe and secure"… - Apple Community (the link takes you to the end of the post so scroll up a bit).
- Apple won’t warn you about disabling an account. You will find out when you try to sign in.
- Phishing emails may include account suspension or similar threats in order to panic you into clicking on a link without thinking. They may report a fake purchase in order to infuriate you into rashly clicking on a false link to report a problem.
- Apple e-mails address you by your real name, not something like "Dear Customer", "Dear Client", or an e-mail address* However, having your actual name is not proof this isn’t phishing. Compromised databases may have your name and address in them.
- Apple e-mails originate from @apple.com or @itunes.com but it is possible to spoof a sender address. "Apple email related to your Apple ID account always comes from appleid@id.apple.com ." (From an older version of: About your Apple Account email addresses - Apple Support )
- Set your email to display Show Headers or Show Original to view Received From. Apple emails originate from IP addresses starting with "17.".
- Mouse-over links to see if they direct to real Apple web sites. Do not click on them as this just tells the spammer they have a working e-mail address in their database. If you are unsure, contact Apple using a link from the Apple.com web site, not one in an email.
- Apple will not ask for personal information in an e-mail and never for a social security number.
- Scams frequently have bad grammar or spelling mistakes.
- Apple will not phone you unless it is in response to a request from you to have them call you.
* Exception: I got email saying my ID is expired! Does… - Apple Community
“If you receive a suspicious link to a FaceTime call in Messages or Mail, email a screenshot of the link to reportfacetimefraud@apple.com. The screenshot should include the phone number or email address that sent the link.”
Forward phishing attempts as an attachment (in MacOS Mail use the paperclip icon) to: reportphishing@apple.com then delete it.
