Posted on by Patricia Popescu

SLAM Method: Protecting Your Business from Phishing Attacks

Jeff Sterling

There is a reason why phishing is usually at the top of the list for security awareness training. For the last decade or two, it has been the main delivery method for all types of attacks. Ransomware, credential theft, database breaches, and more can be launched via a phishing email.

Why has phishing remained such a large threat for so long? Because it continues to work. Scammers evolve their methods as technology progresses. They use AI-based tactics to make targeted phishing more efficient, for example.

If phishing didn’t continue working, then scammers would move on to another type of attack. But that hasn’t been the case. People continue to get tricked. They open malicious file attachments, click on dangerous links, and reveal passwords.

Studies also show that as soon as 6 months after training, phishing detection skills wane. Employees begin forgetting what they’ve learned, and cybersecurity suffers as a result.
Give your employees/coworkers an easy to remember method for suspicious of phishing identification – SLAM!

Phishing: A cyber-attack tricking individuals into revealing sensitive information such as passwords, client data, financial data, or for the unsuspecting user to download an attachment or visit a link to infect their computer, usually via email.

Types of Phishing: Includes social engineering methods like smishing (texts) and vishing (calls).

SLAM Acronym:

  • Sender: Verify the sender’s email address.
  • Links: Check where links lead.
  • Attachments: Be cautious with file attachments.
  • Message: Assess if the email makes sense.

Best Practices:

  • Teach the SLAM method or implement Security Awareness Training (SAT).
  • Use business-grade endpoint & anti-virus protection.
  • Scan files sources, services and malware to secure document sharing.
  • Implement Zero Trust Cyber Security.

Understanding and using SLAM can help prevent phishing, a leading cause of data breaches. Both awareness training and security software can improve your defenses against phishing attacks. Contact us today to discuss your email security needs.