Is this a real email from apple or a phishing site?

[Potatochobit]

my girlfriend is in asia
yesterday a pick pocket stole her iphone from her purse
the thief was caught on camera when the store reviewed the security tapes
but the person got away before she noticed the phone was missing

after locking the apple ID account on the phone yesterday
early in the morning I got an email stating the phone was located
and I needed to log in to view it on the map
but the connection is unsecure, so it seems fishy and the website ends in mapsconnect.info
not actually icloud.com

I dont see how the thief would have known my email address though
anyway, here are some screens of the email links

I was getting the original email from noreplyfmi@icloud.com

 

[Howl's Castle]

Don't enter your information in that site. That is a fake webpage. The real webpage is iCloud.com and only iCloud.com anything after is fake.

 

[Howl's Castle]

Also the real email would be from Apple, not iCloud.

 

[Shirasaki]

No doubt a phishing site. Don’t enter anything.

 

[pandi.ruvina]

The real icloud.com doesn't have anymore "Check Activation Lock Status", and again NO, it's not a real apple site, a phishing one!!!

 

[jetsam]

As everyone else has pointed out, this is a 100% fake email and web site.

"noreplyfmi@icloud.com" in that email is a text field. It can say anything.

If the web page were real, it would be an SSL secured page with a certificate owned by Apple. The page you were sent to is not secured at all, as your browser is loudly warning.

And, Apple has changed the background of the icloud.com web site since this fake web page was set up. Check out the appearance of the real web page at https://www.icloud.com/