Sorry, I cannot agree, the header is what the scammer is hoping will hook the would be victim as it often reads as if it has come from your supplier whilst as previously stated the originating e-mail address may well give clues that it is not genuine.
I think you might be talking at cross purposes with
@najaB slightly.
The 'headers' of an email are information which is contained in the email but which usually isn't displayed to the user via an email client. They contain things like the domain name or IP address of the servers it was sent from, as well as other details of the transmission, metadata added by other software such as the sender's email client, and also various other information which is needed in some cases but completely pointless to the average user. You can't read it, but it's there.
The body of the email might also contain a header in the sense of a title at the top of something, but that's different, and not what would usually let you know that it's a scam.
The sender's email address that you see in your email client is one piece of information that is transmitted in the headers, but it relies on the sender to report it correctly.
There are several reasons that this isn't a perfect analogy, but you can think of it as follows: if you lived in Glasgow but wanted to pretend to somebody you were in Manchester, you could send them a letter and write on a sender's address in Manchester. However, if the person receiving the letter wanted to check that you really were in Manchester, they could look closely at the postmark, and they would be able to see that it was actually sent from Glasgow. In this case, the sender's address that you wrote on is the equivalent of the sender's address on the email (most people will declare it correctly, but there's absolutely nothing to stop you doing it wrong, maliciously or otherwise). The postmark is the equivalent of the headers in the email.