A serious-looking email from Amazon, addressed by name, not caught in the spam filter: That has to be a real email, right?
One would think, because purely visually this email makes an absolutely real impression:

“Dear Mr. XXXX XXXX,
Our login system has detected suspicious activity.”
The Amazon account has been blocked for the time being because someone has probably gained unauthorized access to the account.
In addition, the suspicious IP address and the location from where you logged in are also transparently stated. You should now click on the “Confirmation process” button to reactivate the account.
What's wrong with this email?
The only suspicious thing is apparently the greeting, which contains one too many commas.
In order to reveal the email as a phishing attempt from the outset, we have to dig a little deeper, starting with the IP address.
Apparently the login came from Monrovia, Liberia, the IP address was 70.180.150.19.
With a simple search we can check whether this can be true.

We discover that the IP address is assigned to a company in Las Vegas.
Therefore, the information in the alleged Amazon email cannot be correct at all, because even if a fraudster in Monrovia were to use a provider in the USA, Amazon would only have the IP of the provider, but would not know where the user is exactly located.
But it gets even more interesting :
The email wasn't stopped by a spam filter, and there's a reason for that: the spam filter didn't recognize any suspicious text in the email.
And why not?
You can easily test this yourself: select the text in the email, copy it and paste it into an empty document. Then suddenly it looks like this:
“Our registration system has detected suspicious activity.”
Invisible to the user, there are additional letters with a size of 0 pixels between the letters. Spam filters there (just like we do now) only read meaningless gibberish that is not defined in the spam filter.
If you now click on the link, you will be taken to a login page that has been faithfully recreated and to which you can uncontrollably entrust your login data. These can then be used by fraudsters to shop to their heart's content on Amazon at the user's expense.
The only way the user can recognize the fraud at this point is that they not landed on the original Amazon page, which can be recognized by the URL at the top of the browser:

The last word before the domain is important in a URL.
Here you don't go to amazon.de or amazon.com, but to de-enagi4geeo.eu.
Conclusion
Here, phishing scammers use clever tricks to ensure that the email is not stopped by spam filters.
Basically : An email may look real, but if you are unsure as a user, you should always log in directly to a website and not click on links in suspicious emails!
If you enjoyed this post and value the importance of well-founded information, become part of the exclusive Mimikama Club! Support our work and help us promote awareness and combat misinformation. As a club member you receive:
📬 Special Weekly Newsletter: Get exclusive content straight to your inbox.
🎥 Exclusive video* “Fact Checker Basic Course”: Learn from Andre Wolf how to recognize and combat misinformation.
📅 Early access to in-depth articles and fact checks: always be one step ahead.
📄 Bonus articles, just for you: Discover content you won't find anywhere else.
📝 Participation in webinars and workshops : Join us live or watch the recordings.
✔️ Quality exchange: Discuss safely in our comment function without trolls and bots.
Join us and become part of a community that stands for truth and clarity. Together we can make the world a little better!
* In this special course, Andre Wolf will teach you how to recognize and effectively combat misinformation. After completing the video, you have the opportunity to join our research team and actively participate in the education - an opportunity that is exclusively reserved for our club members!
Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )

