I received the best looking phishing email I've seen in a long time, if not ever, and wanted to make folks aware of it. While it looks like it could be from Apple, including legitimate links to Apple's Support site and online forums, the link to "My Apple ID" is to http://nuestrocafe.es/ar, not an Apple URL, and I don't recommend loading it in a browser.
It's a sophisticated attack in that the phishers used my full name in the To field, as shown in the image below. This wasn't a blind BCC blast; it was one email sent to me.
The copy is also fairly clean, a rarity in the vast majority of phishing schemes I've seen as they are often crafted by non-native English speakers/writers. In this one, several "i" letters use "ι" instead, and "Incase" was typed as one word, but I had to look closely to notice either issue.
Tips: Always check URLs before clicking or tapping them. When viewing an email in most versions of Mail.app in OS X, hovering over a link will reveal the actual URL in a popup rectangle. This is true even when the link has been crafted to look like one URL when it really points to another. Also, when fiddling with your iTunes account, it's always best to do so within iTunes itself, and not by clicking an external link.
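The two checks described above (a link whose real destination is not the site it claims to be, and look-alike letters such as "ι" standing in for "i") can also be automated. The following is an added example, not part of the original post; the sample message, the `phish.example` host and the trusted-domain list are constructed assumptions.

```python
import unicodedata
from html.parser import HTMLParser
from urllib.parse import urlparse

TRUSTED = ("apple.com",)  # assumption: domains the message claims to come from

# Constructed sample body; phish.example stands in for the off-domain link.
SAMPLE = ('<p>Dear customer, your Apple ID needs verιfιcatιon.</p>'
          '<p><a href="http://phish.example/ar">My Apple ID</a> '
          '<a href="https://support.apple.com/">Apple Support</a></p>')

class LinkCollector(HTMLParser):
    """Collect (href, visible label) pairs and the plain text of an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self.text, self._href, self._label = [], [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._label = dict(attrs).get("href"), []
    def handle_data(self, data):
        self.text.append(data)
        if self._href is not None:
            self._label.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._label).strip()))
            self._href = None

def off_domain_links(links, trusted=TRUSTED):
    """Return (label, host) for links whose real host is outside the trusted domains."""
    flagged = []
    for href, label in links:
        host = (urlparse(href).hostname or "").lower()
        # Exact match or true subdomain only, so apple.com.evil.example is flagged.
        if not any(host == d or host.endswith("." + d) for d in trusted):
            flagged.append((label, host))
    return flagged

def mixed_script_words(text):
    """Return words whose letters come from more than one script (e.g. Latin + Greek)."""
    hits = []
    for word in text.split():
        scripts = {unicodedata.name(c, "UNKNOWN").split()[0] for c in word if c.isalpha()}
        if len(scripts) > 1:
            hits.append((word.strip(".,;:!?\"'()"), sorted(scripts)))
    return hits

def scan(html_body):
    """Run both checks over one HTML message body."""
    parser = LinkCollector()
    parser.feed(html_body)
    parser.close()
    return off_domain_links(parser.links), mixed_script_words(" ".join(parser.text))
```

Accented Latin words such as "café" stay within one script and are not flagged; only words that mix scripts are reported.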
Help spread the word on this one. It's sure to catch unsuspecting victims.
Here's what the phishing email looks like:
[Image: Phishing email scam designed to look like it's from Apple]
Teaser image on home page courtesy of Shutterstock.