Is SiftMail the same as sift.email?

No. SiftMail (siftmail.app) is an AI-powered email security and triage platform for end users that connects to Gmail or Outlook. sift.email is a separate, unrelated email-list verification API for marketers. The two products are different companies in different categories with no affiliation.

What does SiftMail do?

SiftMail connects to a user's Gmail or Outlook inbox, automatically categorizes every email, surfaces important messages, bundles promotions and newsletters into digests, and detects phishing, impersonation, and Business Email Compromise attempts. It also provides the Sift Inbox Index, a searchable index of inbox history.

Does SiftMail read my emails?

SiftMail reads email headers and metadata for triage and security analysis. Full message bodies are not stored. The classification models receive only the minimum data required to score and categorize each message.

Does SiftMail work with Outlook?

Yes. SiftMail supports both Gmail and Outlook (Microsoft 365) via OAuth.

Yes — Shield Lite is free forever and includes 1 mailbox, 100 daily scans, basic risk scoring, and a 7-day history scan. Shield Pro is $15 per month with a 3-day free trial. Domain Defense is $39 per user per month for teams.

Home > Threat Library > Reply-To Mismatch Attacks

↩️

Reply-To Mismatch Attacks

Medium SeverityPresent in 45% of BEC and impersonation attacks

A reply-to mismatch occurs when an email's "Reply-To" header points to a different domain than the "From" address. While sometimes legitimate (newsletters), it's a key indicator of phishing and impersonation.

How it works

Attacker spoofs the "From" address to look like a trusted sender
The "Reply-To" header is set to the attacker's real email
When the victim replies, their response goes to the attacker, not the spoofed sender
The attacker can then continue the conversation convincingly

Red flags to watch for

Check the reply-to address by clicking "Reply" and examining the recipient
Common in fake CEO/CFO emails where replies go to a Gmail/Yahoo address
Newsletter-style emails from senders you didn't subscribe to

Real-world example

Subject: Can you handle a quick task?
From: CEO Name <ceo@company.com>
“I need you to purchase some gift cards for a client event. Reply here with your availability. (Reply-To: ceo.company@gmail.com)”

How to protect yourself

Always check the reply address before responding to sensitive requests
SiftMail automatically detects and scores reply-to mismatches

How SiftMail detects this

SiftMail adds +20% to the risk score when a reply-to domain mismatch is detected, making it a significant factor in identifying impersonation attempts.

Stop reply-to mismatch attacks before they reach your inbox

SiftMail scores every incoming email and automatically quarantines threats. Free plan available, setup takes 30 seconds.

Protect My Inbox Free Check a Suspicious Email