Introduction to Who Sent This Email?

First, the difference between a spam and a phish:

A spam is an irrelevant or inappropriate message sent to a large number of recipients.

A phish is an email, telephone or text message sent by someone posing as a legitimate institution to lure the recipient into providing sensitive information such as banking, credit card numbers or passwords.

In the example used in the following steps, we use a phish sent to a mailbox at,, although the steps may be applied to any email. The sender wants to enter her password to continue using that password.

Step 1: Spot Spam and Phishes By Appearance and Tone
Step 2: Look for Red Flags
Step 3: Reveal the Sender’s Email Address
Step 4: Reveal the Sender’s Website Address