While I’m certainly not minimizing your concern, I’m surprised that others actually look at or even read anything in a spam or junk folder.   I use a laptop, an iPad and iPhone for work and personal and never do anything with those folders other than empty them by right clicking (so not even looking at the emails). 

If a legit email sends something that goes to my junk folder, I would never know it and have never had an issue.   I just let the apple and windows filters do what they do.

As for your password, I can see where that could be unsettling, but there have been so many breaches, it could have happened from any of those.   They definitely have had my email and passwords from past hacks, but I change passwords all the time and use the apple strong password manager to create lengthy ones.  Just a suggestion.

This darn pop up i have got for months now, always 2 at a time,saying apple wants to make changes, i have tried to get rid of it ,many times ,it is hackers my son says trying to get in.

OMG!  I so feel you pain and anger.

The same thing happened to me on Thrusday morning!  When I opened our email there was a message "recorded you my name."  They had my password but it was an old password.  I had changed it about six weeks ago when I noticed something wonky going on with Spectrum Webmail.  Anyway, they wanted $1400 bitcoins or they would release lewd photos of me on the dark web.  They said they had been using my webcam to record me.  They also said they had all my passwords to all my websites.  We have Webroot Internet and malware security.  We subscribe to the Geek Squad so my husband contacted them.  They spent over an hour cleaning up and checking out everything but they didn't find any malware.  It is an email scam but I am still a wreck because I do not know how they got the email password, even if it is an old one.  This email came into my spam folder.  Normally, I don't read them and I never click on any links.  I am still baffled how they got the old email.

@NickNack   No, don't even read the email, which is itself a link and could be infected.  Instead, forward the email to your IP security.

@NickNack Hello, I'm new here and although I've lurked for a good while and have thoroughly enjoyed this forum, I was leery to join an established group.  I couldn't let this pass by though, without comment.  Excuse novice mistakes, getting to know this system.  I'll give a little bio in the future about who I am.  

I feel your pain.  I was contacted by Amazon security, that someone had hacked my e-mail, then my Ammy PW and they were running all over my profile there, and likely everywhere else.  I was advised it was serious and I needed to change ALL my PW's. BUT, before changing ANY PW's, I was instructed to FIRST change my PW with my e-mail, internet provider.  To start at the top!  Only then to change other PW's, since it seems often it is a break into your server, with a trickle down from there.  I'm remaining cautious, but no issues since.  It sure put a scare in me since they had full access into my life, friends, family and other accounts.  So, please change your internet server PW first before other accounts to be on the safe side. 

Wishing you the best and for all of us having to deal with such nonsense.  It's very unnerving.

Hackers probably have pages upon pages of made up passwords.  If they get a "hit" thats good for them.  It was a stab in the dark.  They really didnt know that it was your password.  A true hacker would never give you a heads up.

The best thing to do for passwords these days is to use sentences along with some symbols

---

@Imaoldhippie wrote:

Hackers probably have pages upon pages of made up passwords.  If they get a "hit" thats good for them.  It was a stab in the dark.  They really didnt know that it was your password.  A true hacker would never give you a heads up.

 

The best thing to do for passwords these days is to use sentences along with some symbols

---

@Imaoldhippie   This was definitely my password.  No one else could have come up with that unless they knew me well.  

---

@vsm wrote:

@NickNack   No, don't even read the email, which is itself a link and could be infected.  Instead, forward the email to your IP security.

 

---

             @vsm,  This is an important point.   Simply opening an email message can sometimes transmit information to the sender or automatically download something to our device -- particularly if our settings enable it to "load remote images."   Some email providers will automatically block/disable loading the remote image URLs for this reason, and they'll display a message asking if you want to see/display them (don't do it if it's a suspicious message).

OK, so here's what I want YOU and everyone on here to do.  I'm not joking.  

I came up with this idea on my own (go figure).  Even my son-in-law who has an amazing security job said, "Wow!  I'm going to use that".

OK, so think of a short phrase that would only make sense to you.  Not one you use a lot but one that maybe describes your cat or dog.  This is just an example:  I love the store49!

Some places require numbers also, caps, and some even ! (things like that).

I guarantee you no one would be able to figure that out.  I do things like that!  Just make sure it's one you'll remember or write it down (of course).

There are any number of ways to get pass words.  I'm not savvy enough to go into it here; (my son-in-law taught me things to avoid).  I've been told if a person goes on facebook, etc.  They can get it.

Anyway, just Thursday I got an email about something from my car.  It was bogus but they were going to run one of my credit cards to pay for it.  I don't have any credit cards.  But I did call the number in the email.  It had my car's brand name, everything and it MIGHT have been on the up and up.  It was a renewal notice.

Anyway, they wanted to know the last numbers of my SSN, then they wanted to know my favorite color (that's one way they get security numbers/words.  Many people use their favorite color, the name of their pets, etc.

If you have to come up with numbers (which I've had to do for security reasons) I give them numbers from people I knew when I was a kid.

I did have my debit card stolen (well the numbers) back 2 years ago 2 days before Christmas!  I didn't even realize it.  A guy (security guy) from my bank called me and said that someone had broken into the gas pump I'd used (broken into the pump) and gotten the numbers and pins, etc from the magnetic tape that stores all of that when you get gas.

I asked my son-in-law how they were able to do that without my card.  He said the thieves have a tape reader (you can buy them in a lot of places) then they can go to a bank outside, a 7-11 machine, etc and get money from YOUR account.

Long story short, they sucked out $489 from my account.  Why that amount.  Well, you see if it's under $500 the bank doesn't pursue them.

I was so angry because the bank guy kept saying, "Why are you upset?  We've already refunded your money.  But you can't use the card until you get your new one". 

That was 2 days before Christmas.  I told him I was lucky because I had access to other accounts, but how many people don't.  Two days before Christmas and you can't use that account!!!

Here's what he told me to do.  NEVER get gas from any pump that doesn't have a black strip across where you see a key for the attendants to get to the magnetic tape that holds your numbers.  Also, when you use your card, put your hand over the punch numbers when you do it.  He's investigated where people watch (long distance) people using the card and punching the numbers!  Crazy, I know!

There's an EXXON station I go to to get gas.  It has the black tape over it.  Here's what the tape says, "If this tape is broken....do not use this pump...go inside and notify the attendant".

This happened about a month ago.  I went to several pumps and the tape was broken.  I went inside and told the attendant.  He thanked me and said the authorities would be notified.

And now you know what I learned.  So, my daughter lives in an area in Florida where there are armed gates at all entrances.  Billionaires live in this place.  Yet, maybe 3 years ago, while her sister was visiting her there, they both left their purses inside the car while a few feet from the playground.

They left for a few minutes and when they came back someone had broken into the car and stole their purses.  It was a real headache because one daughter was ready to fly back home.

My point?  Well, more like where there's a will there's a way.  Who knows how these people (probably workers) got into the place, but they did.  The guards were fired and it was a real big deal there.

The world we live in we pay a price for all of this luxury in almost every way.