Understanding the SLAM Acronym

In the fight against phishing emails, the SLAM acronym is a handy tool to help spot threats. SLAM stands for Sender, Links, Attachments, and Message—important things to check when trying to identify phishing emails.

While an Internet Service Provider (ISP) router, wireless access point, or firewall may offer basic security for home users, they don’t meet the advanced protection needs of businesses. These devices typically provide minimal configurations controlled by the ISP. Consequently, this lack of customization and advanced security features leaves businesses vulnerable to sophisticated cyber threats. 


Phishing perpetrators often disguise themselves as trustworthy senders, using a familiar email address to deceive recipients. To protect yourself, it’s crucial to scrutinize the sender’s email address before opening unsolicited emails. Verify an email’s legitimacy by hovering your mouse pointer over the sender’s name to uncover its true source. Pay close attention to any misspellings in a trusted individual’s name or a company’s name. Additionally, legitimate company emails typically include the company’s name in the domain address. For example, an email from “microsoft-support@gmail.com” is not a genuine Microsoft email. A legitimate Microsoft email would appear as “support@microsoft.com.”


Phishing emails often include links that aim to steal login details and gain unauthorized access to networks. Just like with sender addresses, verify the legitimacy of links in emails by hovering over them. Check if the URL matches the stated webpage and look for any spelling mistakes in the link. For better security, refrain from clicking on links directly within the email. For example, phishing emails might falsely claim your login credentials are compromised and provide a reset link. Clicking such links can expose your credentials to hackers. Since many people use the same login information across different platforms, compromising credentials once can lead to hackers accessing other accounts. When you receive emails about compromised login details or password resets, manually type the company’s website address into your browser to ensure you’re on the genuine site. This step helps protect your login details from theft.


Never open email attachments from unfamiliar senders, and exercise caution even with attachments from known sources. Hackers often use compromised email addresses to distribute malicious attachments to the recipient’s contacts. It’s unlikely that a legitimate business would send an unsolicited email attachment. If you wish to verify the authenticity of an email attachment, reach out to the sender directly to confirm its legitimacy.


While phishing techniques have grown more sophisticated over time, the content of the message itself can still reveal malicious intent. Phishing emails often feature generic greetings, misspellings, grammatical errors, or unusual wording. Any email exhibiting these characteristics should be treated with skepticism.

Responding to a Phishing Email

In addition to using the SLAM method for identifying phishing emails, it’s essential to know how to respond when you recognize one:

    1. Mark the email as spam.
    2. Report the phishing attempt to your organization’s management to alert other employees.
    3. Report the email to your IT department or Managed Service Provider (MSP) to blacklist the sender’s domain address.
    4. Do not forward the email to anyone else.

By following these guidelines and employing the SLAM method, you can better protect yourself and your organization from phishing threats.

Cheyenne Harden

Cheyenne Harden


Follow for more like this!