This password has appeared in a data leak

You can also add 2 Factor Authentication to your account for more security.

Apple ID -Two-factor authentication          

Two Factor Authentification availability.    

2 Factor Authentication - How to generate a recovery key

Apple ID - Using app-specific passwords.     

Apple ID - Two Step Verifications FAQ    

Apple will always address you by your name or the name they have on file for you, not Dear Customer, Dear Client or by using your e-mail address.  The e-mail will be from @apple.com or @iTunes.com. E-mail addresses can be spoofed. You can go to Mail/View/Message/Show all Headers to see more. Apple emails won't have poor grammar/misspellings. Apple e-mails will never contain an attachment. Apple will never request personal information by email such as Social Security numbers, your Mother’s maiden name or full credit card numbers . 

The only exception to the above I have noticed is if you order something from the Apple Store (apple.com), your receipt will be addressed to Dear Apple Customer. That is a receipt for a purchase you initiated.

Avoid phishing emails, fake ‘virus‘ alerts, phony support calls, and other scams.   

Identifying legitimate emails from the iTunes Store.     

Send the e-mail to Apple as an attachment to a new e-mail before deleting it. You can forward as an attachment by going to Mail/Message/Forward as attachment. Or control - click on the email and select Forward as attachment. Make sure you send it as an attachment to a new email. If you just forward it, it will probably be rejected. You won’t receive a response.

reportphishing@apple.com

You are welcome.

I also received this message. Was it really from Apple? The message said it was fore Apple.com.