Phishing attacks are a relatively simple way to steal data. Users click on an email they believe to be legitimate, allowing malware to be installed or submitting login details for a service, whether it be a fake bank email, service, or the Spanish lottery. Perhaps if you're particularly lucky, there is a wealthy gentlemen in Africa who wants to transfer millions of dollars to your account -- but only if you forward along some of the costs in advance, of course.
Scammers are sending emails to customers asking them to change their passwords.
"Dear Apple Customer,
To get back into your apple account, you'll need to confirm your account. It's easy: Click the link below to open a secure browser window. Confirm that you're the owner of the account and then follow the instructions.
Before log in your account will be Confirmed, let us know right away. Reporting it is important because it helps us prevent fraudsters from stealing your information. Yours sincerely, apple."
The poor English and grammatical mistakes should be enough to give this email away as fraudulent; however, you should always check the url of a link and address of a the sender before you click.