Possible phishing - looks very legit.
As far as I am aware I don't have an account associated with the email I received this email on; instead of using the link they provided (https://appleid.apple.com) I found Apple's real sign in page and tried to sign in. It let me input my email and said I had an account, asked if I wanted to open my locked account using the email (started with a h, I don't know what this email is) or use my security questions.
The questions were questions I wouldn't have access to. Stuff like my first manager - when the time I would've had this account was with my Iphone 4 which I had when I was 15, too young to work. But, now I'm unsure if I really did have this account or if it's someone else's account I've now got the email for and their account is being misused.
Either way, the email is from noreply@apple.com, subject is Deeper
Review] We see your account has been misused on other device on Wednesday
03-13-2019, News Session/Vemos que su cuenta ha sido mal utilizada en otros
dispositivos el miércoles, and the email contains nothing but a word attachment:
Dear Client
Your Apple ID will be disabled because of some violated policies
The following changes to your Apple ID were made on
Date and Time: Wednesday, March 13, 201
We have noticed that your account information appears to be invalid and unverified.
We need to verify your account information in order for you to keep continue
using your Apple ID account
You should change your password as soon as possible from your Apple ID account
page at https://appleid.apple.com
Sincerely
Apple Support
There is an apple logo in the top right and a couple of hyperlinks at the bottom to Apple ID / Support / etc.
I have no experience with Apple (as you may have guessed) so I'm unsure if this is legitimate or not. Alarm bells are the obvious me not knowing I had an account, it asking me to change my password, incomplete date, and the signup page looking different from the one I encountered logging in on Apple's actual website.
Any insight would be appreciated. Likesaid, I assume it is a phishing email and will be forwarding it regardless, but having an account under the actual email that is locked has me second guessing myself.