email

You cannot trust that a sender address is correct. Sender addresses are trivially easy to fake.

The SMTP (email) protocol lets the creator of an email state any sender address they want, and there is no validation that the sender actually controls that address. Even when the receiving mail server does some form of sender validation, such as checking that the sending IP address is authorized for the domain the message claims to come from (SPF), the attacker does not need to forge the address at all: many mail clients show only the display name, so a message whose display name is set to a plausible address (say "accounts@microsoft.com") while the real address is something else entirely looks, at first glance, exactly like a message from that address.

When you receive an email claiming that you need to do something on some account on some website, and this appears plausible (you actually have an account on that site), take a good look at the URL the link actually leads to, not the link text. The domain name says who controls that link. The host is the part between the `//` after the scheme and the next `/`, `?` or `#`; if the host part contains an `@`, the real host is what comes after it. Read the host from the right: the last two labels (for example `microsoft.com`) are what matters, and anything to the left of them is a subdomain the owner of those labels controls.

These URLs all lead to Microsoft:

https://microsoft.com/account
https://account.microsoft.com/account
https://account.microsoft.com/account?someTrackingId=689392356034706528902345

The following URLs are examples which do not lead to Microsoft. They all lead to domains that may be controlled by someone else:

https://microsoft.com.example.com/account
https://example.com/microsoft.com/account
https://example.com/?https://account.microsoft.com/account
https://example.com/#https://account.microsoft.com/account
https://totallylegitaccountportaljusttrustme-microsoft.com/account
https://microsoft.com:microsoft.com@example.com/account

The last one is an example of a rarely used URL format which includes a username and a password (in this case both `microsoft.com`). The actual host being requested is the one after the `@` symbol. Most current browsers strip or hide these credentials in the address bar once the page loads, which is another reason to read the target host before clicking rather than after.
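To make the rule above mechanical, here is an added example (not code from the original page) that extracts the real host from a URL with Python's `urllib.parse`, decides whether it belongs to an expected registrable domain, and scans a snippet of HTML for links whose visible text names that domain while the `href` goes elsewhere. The sample HTML and the expected domain `microsoft.com` are constructed for this example; the URL lists are the ones given above.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit


def host_of(url):
    """Host the browser would actually connect to, lower-cased ('' if absent).

    urlsplit already separates any user:password@ prefix from the host and
    drops the port, so the '@' trick and ':' tricks fall out naturally.
    """
    return (urlsplit(url).hostname or "").lower()


def belongs_to(url, registrable_domain):
    """True if the URL's host is the domain itself or a subdomain of it.

    The dot in '.' + registrable_domain is essential: it rejects
    'evil-microsoft.com' and 'microsoft.com.example.com' alike.
    """
    host = host_of(url)
    registrable_domain = registrable_domain.lower()
    return host == registrable_domain or host.endswith("." + registrable_domain)


class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def deceptive_links(html, expected_domain):
    """Links whose visible text mentions expected_domain but whose href leaves it."""
    parser = LinkCollector()
    parser.feed(html)
    return [(text, href) for href, text in parser.links
            if expected_domain.lower() in text.lower()
            and not belongs_to(href, expected_domain)]


# The URL lists from the text above.
GOOD = [
    "https://microsoft.com/account",
    "https://account.microsoft.com/account",
    "https://account.microsoft.com/account?someTrackingId=689392356034706528902345",
]
BAD = [
    "https://microsoft.com.example.com/account",
    "https://example.com/microsoft.com/account",
    "https://example.com/?https://account.microsoft.com/account",
    "https://example.com/#https://account.microsoft.com/account",
    "https://totallylegitaccountportaljusttrustme-microsoft.com/account",
    "https://microsoft.com:microsoft.com@example.com/account",
]

# Constructed HTML fragment for this example: the first link's text is a
# Microsoft URL, but its href is not.
SAMPLE_HTML = """
<p>Sign in at <a href="https://example.com/?https://account.microsoft.com/account">https://account.microsoft.com/account</a>
or at <a href="https://account.microsoft.com/account">your account</a>.</p>
"""


def classify(urls, expected_domain):
    """Map each URL to (host, belongs_to) so a reader can see the split."""
    return {u: (host_of(u), belongs_to(u, expected_domain)) for u in urls}


if __name__ == "__main__":
    for url, (host, ok) in classify(GOOD + BAD, "microsoft.com").items():
        print(f"{'OK ' if ok else 'BAD'} host={host:50} {url}")
    print(deceptive_links(SAMPLE_HTML, "microsoft.com"))
```

A URL without a scheme (`microsoft.com/account`) has no host as far as `urlsplit` is concerned and is rejected, which is the safe default for a link you are about to click.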

If you decide that the link is probably fine, click on it and are led to a login form that looks trustworthy at first glance and apparently has not installed any malware by drive-by download, you should also check that the page is loaded over HTTPS (any reputable site uses HTTPS only on its login form) and that the certificate is issued for the host in the address bar. Be aware of what that check proves: a valid certificate only confirms that you are talking to the domain shown, not that the domain belongs to the company the page claims to be. Phishing sites routinely have valid, freely issued certificates for their own domains, so the certificate check is only useful together with the domain check above.

Some guides for detecting phishing attempts say that you should look for signs like broken images or non-functional links. I consider this bad advice, because it is based on the prejudice that all phishers are shoddy webmasters. The scene has become a lot more professional in recent years. You should focus your attention on those things they cannot fake with sufficient effort.


