EMail-Sender-Address has normally this form : "Given Name" <firstname.lastname@example.org>
1. a part - shown-name, human readable name of sender
2. a part - sender-email-address
You see in outlook Mail only the first part "Given Name <FakeEMailaddr@fakedomain.com>".
The real sender-EMail-addresse will be hidden.
You can only see the real Address you move the mouse pointer over shown first part.
The User don't check this and belive it comes from "Given Name" with the email-address FakeEMailaddr@fakedomain.com.
Can Sophos check if an From String has in first part an email-address and check this against the real sender-email-address.