Every time I get a call from an agitated client about one of these somewhat legitimate looking emails, my advice is always the same: just delete it and get on with your life.
Because it’s not really from Apple, my clients weren’t hacked, their iTunes/iCloud/Apple ID account isn’t in danger of being deleted, and by deleting the phony email they’re protected from accidentally giving the scammers any of the information they’re looking for. With the ubiquity of Apple accounts these days, it’s not a bad thing to target, seeing as Apple now has more credit card numbers on file than any merchant out there (800,000 credit cards on file – and that was back in April 2014).
What’s happening here are that scammers are targeting Apple account holders, trying to trick them into divulging personal information by clicking on the “Validation” link in the email. Clicking on that link will take you to a webpage (that no doubt will look just like an authentic Apple website) where you’ll be prompted to enter your Apple account login info, and likely other personal information as well. Once you enter that information, it’s in the hands of the scammers to do whatever they’d like with it. Purchase apps, buy music, commander your email, access your billing information – you name it.
Obviously this is not good, but at least you know what to do – simply delete the phishing email and get on with your life.