I would ABSOLUTELY NOT do as this email asks.
I've received this email twice. The first time I immediately clicked and signed in. Then I thought, maybe this is a scam. So I reviewed the email again just to satisfy myself that it was legit.
The first thing I noticed was that the salutation didn't get my first name right. (Yes, I should have noticed that right away, but I just saw what I thought was a legit Apple Support email and did as requested.)
The second thing I noticed was that it said that my rescue email was my icloud email, which it isn't.
Then, I took a look at the "from" email address and the "verify" link address which was https://id.apple.com
The I went to the apple website to log in with my apple id and just as you It said my account was temporarily locked. I didn’t try to go any further and immediately called Apple Support and told them that I thought I had passed on my info to a phishing site and that I wanted to change my password and security questions.
The guy walked me through it because I was so flustered and worried that I couldn't find the "manage account" link on the web site.
He told me that the ONLY place you should change your appleID information is by following the link below, which is what comes up when you click the “manage account” link on their website.
https://appleid.apple.com/cgi-bin/WebObjects/MyAppleId.woa/
Notice how similar it is to https://id.apple.com
But it’s NOT the same.
I also didn’t receive an automatic reply from apple support notifying me that I had changed my info and that if I hadn’t authorized this to, etc, etc.
And one last thing. Remember, I said that I received this email twice. And that my first name and rescue email were wrong. The second time, where the salutation was supposed to be was a blank rectangle like you get when an image doesn’t show up in the email. Only the little broken picture icon wasn’t in the center of it. It was just blank.
So if I were you, I wouldn’t reply to this email. I would go to the “manage account” link myself directly from the apple website and change the information that way.