Estimated reading time: 1 minute, 49 seconds
If you've just realized that you've been scammed and you reached here in problem while finding solution (if you are not too late) then...
Same, what I did fast ......
1. Quickly directly open www.apple.com (original website)
2. Go straight to login page
3. Click Forgot Password
4. Request Password Reset Email
5. Reset your password (so the attacker couldn't login with received data)
If you receive any email from Apple (not actually from Apple) like this then pay attention to marked header in image.
You will be arrived to a page looks like apple page.
Look at marked website domain in this image.
You can see domain/website ending with .ml. Original website should end with apple.com
I was busy in thinking something else and opened my email in laziness.
Since, it was an emotional alert so I too become fool (I didn't pay attention to EMAIL HEADERS) and suddenly realized that It's phishing email when I was on the next form filling my personal data AFTER I had used my login credentials.
Yes, I become fool too (and, they used a solid technique for it)
Even though I'm technical enough and development specialist, mistake happens.
To report a suspicious email, forward the message to Apple with complete header information. To forward the email: In macOS Mail, select the email and choose Forward As Attachment from the Message menu at the top of your computer screen.
These email addresses are monitored by Apple, but you might not receive a reply to your report.
For further details, visit Apple's official page about phishing/scam report.