I remember there was a game server, where the attackers have implemented a Trojan and he caught the passwords when you change directly on the server. After that, the attackers began to sound the alarm on the forum for the game and word of mouth. All who changed the passwords, lost account. Before shop closed down, many have lost the value of play, and returned to the admin then not all and not all.
Of course, this is not the case. Just the topic I remembered.
And on the subject of the question, the answer is: read carefully and do not be lazy to think before taking any action. Rush never need, and even more to panic or sound the alarm. Carefully hover your mouse over the link and verify that the address there the same as you have in the screenshot. If the link is on reg.ru I see no reason for concern. In an extreme case, you can check the ip of the sender and route the email (because the return address is not an indicator). Well, for 99.99% reliability is better never to follow links from emails, if you these letters did not initiate the next 5 minutes on the official website, "I forgot my password, send me new".
Colton answered on March 23rd 20 at 19:20
Should start to look:
- the original text of the letter - does it come with reg.ru. It is possible and the support to apply - is it true were was the incident
- log in uchetku inputs, if it is true knock
If support can confirm if the letter really from reg.ru - well, I should probably change the password... and If it's on#BulovaDonatello - score :)