Great question!

It's very straightforward, so here's what you'll do:
1. Pull up the Raw Email Data
2. Find the Originating IP Address
3. Go here to see which IPs currently in use for INFIMA's Phishing Testing
4. I find it easiest to Copy these IPs and use the Find Function to search

Phish Found! (Example raw email data showing INFIMA's Phishing IP)

And if you need any assistance, let us know at!