Originally Posted by Gambalunga
Usually the email headers clearly show that the sender is not the bank.

Scammers are getting more cunning at substituting characters to make them look like the legit addresses. Part of the filtering you suggest could be to test if known substitutions have been used to mimic a genuine address. It would also make sense for email addresses to be displayed in fonts that, for example, don't make I look like l.


"this means the end of the horse-drawn Zeppelin!" - N Seagoon