I have received a suspect email from IMDb.com. What should I do?
Occasionally, users report having received emails that look like they come from IMDb.com, but they are, in fact, falsified.
These email may direct you to a site that looks similar to ours, where you might be asked to provide or update account information such as your e-mail address and password combination, in order to steal it. In other cases, the messages contain potential viruses or malware that can detect passwords or sensitive data (in the form of an attached file or document). These techniques are known as 'phishing'.
If you received an email purporting to be from The Internet Movie Database and you are sure you did not request an update to your registration information, it's very likely that the email is a forgery sent for the purpose of capturing your account details.
If you have already clicked on a link in a suspicious email and/or entered your login information on a web-page, we urge you to immediately update your IMDb password/account details. To do this, go to the IMDb.com homepage, then click on the "Your Account" link located in the upper right corner of the page and then click on 'Change your Password' under "Registration Details".
Here are some steps you should consider in order to protect yourself:
Install anti-virus/security software and keep it updated at all times. Many anti-virus/anti-malware programs can help detect phishing attempts and can prevent malicious software from being installed on your computer
If an email looks suspicious, go directly to the IMDb.com site. Outgoing important account-related correspondence from us is normally archived on IMDb.com and accessible via Your Account settings page. If you are not sure whether an email originated from us, do not click on any links but go directly to http://www.imdb.com/mycontacts -- copies of account-related communications to you should be available there.
Legitimate communications from us which include links to our site will always point to the imdb.com domain. We never use a different domain or an IP address (string of numbers) followed by directories such as "http://123.456.789.123/imdb.com/. . . ." -- if you are not sure whether a link in an email is legitimate, do not click on it but cut and paste it into your browser and check that the destination site's domain is imdb.com, not another domain.
Sometimes the link included in spoofed emails only looks like a genuine imdb.com address. You can check where it actually points to by hovering your mouse over the link--the actual Web site where it points to will be shown in the status bar at the bottom of your browser window or as a pop-up. If you accidentally click on a link in a phishing and go to a spoofed Web site, do not enter any information and just close your browser.
Do not "unsubscribe". Never follow any instructions contained in a forged email that claim to provide a method for "unsubscribing." Many spammers use these "unsubscribe" processes to trick users into entering their login information. Even if you are only asked to enter your email address, don't do it: spammers use them create a list of valid, working e-mail addresses that they can continue to target later.
Do not trust attachments in email and do not open/click on them unless you are 100% positive that it is safe to do so, regardless of who the sender appears to be. When in doubt, do not open them.