Which factor would indicate that an email might be a phishing attempt?

A suspicious sender email address is a significant indicator that an email might be a phishing attempt because many phishing scams use email addresses that mimic legitimate organizations but have slight alterations, such as misspellings or unusual domain names. The sender's email address is often the first red flag that can alert individuals to potential security risks. Phishing attempts typically aim to steal sensitive information or install malware, and recognizing an untrustworthy sender is crucial in identifying these threats.

Other aspects of the question can serve as helpful clues as well; for instance, a vague subject line may suggest that the content is not trustworthy, but it is less definitive than assessing the sender's address. Similarly, an attached document can be concerning and may warrant caution since it can contain malicious software; however, many legitimate emails also include attachments. A personalized greeting, on the other hand, is generally a positive sign and can even be used by scammers to make their correspondence appear more credible. Each of these factors can raise suspicion, but the sender's email address is often the most telling piece of evidence in determining whether an email is likely a phishing attempt.