In addition to hovering your cursor over any links before you click on them, another way to stay secure is to enter links yourself in your browser rather than click on them in emails. If you type store.apple.com into your browser, you know it's a legitimate site. If you're using Safari any secure connection to Apple (i.e., any URL beginning with https: rather than http:) will show a green verification item in the top right corner of the address bar. (There are similar indications in other browsers.) And no legitimate site will ask for personal information, especially of the credit-card variety, without using a secure connection.

This isn't the first such scam posing as an e-mail from Apple recently. In a less sophisticated attack earlier this month, a fake MobileMe message requested that users send an e-mail containing their username and password.

In general, you should be skeptical about any e-mail messages, however legitimate they appear to be, that ask you to go to a website or compose an e-mail containing personal data.

Details: Apple

Korg