Yet another scam for people dumb enough to click before they check.

Got this email today from “App Service”:

Point to the link to see where it goes BEFORE you click it. In this case, the link does not go to Apple’s website or anything related to Apple.

Pointing to the link makes it pretty obvious that this is a scam. The bubble that pops up does not show a URL shown in the link, or to any other destination on Apple’s website. Clicking this link will likely install malware on your computer or direct you to a site that looks like Apple but is designed to gather your Apple login information, thus gaining access to your credit card, email, and other data you want to keep private.

Don’t click links in email messages unless you are expecting to receive a link.

Check out the text of the message when it’s copied and pasted! You can see a mix of alphanumeric codes and what looks like Chinese charaters embedded in the text.

Dear REDACTED@mac.com,

The following changes to your A96p17p23l98e11 28I98D86 were made on November 6, 2018

B40i40l55l54i52n87g56 Information

If you did not make these changes, or if you believe an unauthorized person has accessed your account, you should change your password as soon as possible from your Apple ID account page at manage.iforgot.service.com
Your Apple ID will be temporarely disabled until you verify your identitiy.
We will wait 24 hours for the verification, if we not receive any verification your Apple ID will be permanently disabled !
吃生薑
Sincerely,

Apple Support

What do you do if you think a message like this might be real? Close the message, go to your browser, and manually type in the URL to go to the site in question. Log in from that screen.