I noticed that the email had a link that allowed my to cancel the purchase, and I would be lying if I didn't admit that I thought for a moment about pressing it. Thankfully, warning klaxons were blaring in my head. I took a moment to push past my initial panic and examine the email more carefully. It didn't take long to find all of the tells of a "phishing" scam.
The first was the link itself. If this were an actual Apple receipt, they would tell me to log into my account separately and to contact them that way. The second was an English error "please visit a Cancel." The third was a sense of urgency: in a paragraph I had skipped over, the email claimed that "Your purchase will automatically renew unless you turn it off no later than 24 hours." And the real humdinger was the convoluted email address that was hidden on the name "Apple Store."
When I showed it to a coworker, she was also taken in by how real the "receipt" looked at first glance. No doubt the link would have had me enter my username and passcode which the originator of this phishing scam would then use to access my Apple Store accounts and perhaps make purchases, or just learn more about my identity to create false accounts in my name.
I'm irritated that this made it past my spam folders, but more irritated that I was temporarily suckered by it.
This sort of thing gives me trust issues.