Over night I received an e-mail from the appleid email address called “How to reset your Apple ID password”. The message seems to be legitimate, and all the links seem to lead to pages on the Apple site, and not some obvious spam site. The message was not sent to my Apple ID, but rather to my rescue e-mail address.
The message said:
You recently made a request to reset your Apple ID. Please click the link below to complete the process.
Reset now >
If you did not make this change or you believe an unauthorised person has accessed your account, go to iforgot.apple.com to reset your password without delay. Following this, sign into your Apple ID account page at https://appleid.apple.com to review and update your security settings.
Obviously, I had not made a request to change my Apple ID password.
My question is, should I reset my password without delay, as suggested? Is my Apple ID account in danger as the result of some kind of attack? If I do reset my password, should I use the “iforgot” page, even if I know my password perfectly well? I actually logged into my account page appleid.apple.com, and I see that I could change my password there.
Thanks for your help!