SLAM the Phish: A Simple Method to Spot Email Threats

We believe cybersecurity isn’t only a matter of firewalls and threats. It’s about people.

And one of the largest, everyday security concerns that targets people is phishing.

If you’ve ever had a team member click on a suspicious link, open a strange attachment, or buy a gift card for their boss when it wasn’t actually their boss asking, you know how those mistakes can turn into a full-blown IT issue.

For small and mid-sized businesses in Buffalo, these risks are real. And the costs are high.

That’s why we want to teach anyone who hasn’t heard it before a simple, memorable strategy for identifying a phishing email: the SLAM method.

What Is the SLAM Method?

The SLAM method gives users a four-point checklist to identify elements of an email that indicate whether it’s legitimate or a likely phishing attempt. SLAM stands for:

  • Sender
  • Links
  • Attachments
  • Message

Let’s break each one down and explain how it can help your business reduce human error and strengthen your first line of email security.

S — Confirm the Sender

Start by looking closely at the sender’s name and email address.

Cybercriminals often impersonate trusted contacts by using addresses that look almost right, like billing@yourcompaany.com instead of billing@yourcompany.com.

Email tools also allow users to customize the sender name field that shows up in your employees’ inboxes.

An email could appear to be from “Amazon Customer Service,” and a team member expecting an update about an Amazon order may click it. Using the SLAM method, that person would verify whether it came from the company’s legitimate email domain (@amazon.com) or from a fraudulent address (like amazonsupport@outlook.com, for example).

Tip: In your inbox in Outlook, you can hover over the sender name without clicking an email message, and it will display the email address of that sender! That’s the easiest first step to assess the likelihood of a phishing attempt.

L — Check the Links First

Phishing emails usually include links that look legitimate at first glance. Without proper care, a phishing link can take users to a site that tricks them into sharing personal information with malicious actors.

By hovering over the link (or long-pressing on mobile as if you’re going to copy/paste text), you can preview the full web address without clicking.

Tip: If the link address doesn’t match the visible text, or if the domain name is slightly off, do not click. We’ll get into it a little later on, but if the context of what is being asked of you leading up to the link seems suspicious or untrustworthy, it probably is – trust your gut!

A — Think Before Opening Attachments

As with links, attachments should not be clicked or opened unless you are absolutely certain of the contents that are included.

Attached files in an email can carry malware that allows a hacker access to view and edit data on your computer, connect to networks you’re connected to, or even lock down computers and servers to initiate a ransomware situation.

Files like .zip, .exe, or even macro-enabled Word or Excel files should raise red flags. Unlike a standard document or PDF, these file types can pack in compressed content or run code when opened, which is how a hacker is able to perform their malicious work so quickly.

Tip: If you’re not expecting a file, or it seems unrelated to your usual work, backtrack through SLAM and check the email sender before opening it.

M — Analyze the Message Carefully

Phishing emails often try to create urgency or fear to get people to act quickly. If an email is trying to connect emotionally to drive quick action, that’s a good indicator you should pause for a closer look.

Messages with poor grammar, awkward wording, or strange requests (like buying gift cards or wiring money) should make you reconsider the ask.

Part of this is personal training and practice – most everyday office work requires prompt review of and response to email messages, and hackers try to take advantage of that.

Tip: If you’re unsure of an email message you received, check in with another employee or supervisor in the office, over the phone, or through another communication channel like Teams or Slack. Worst case, it was actually a legitimate ask and you have confirmation to move forward with the request!
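
The four checks above can also be run mechanically over a message. This is an added example, not part of the original post: the function names, the brand, extension and keyword lists, and the sample message are all assumptions constructed for illustration, and the sender check covers only the display-name case.

```python
import re
from email.message import EmailMessage
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumed policy values for this sketch; replace with your organisation's own.
BRANDS = {"amazon": "amazon.com"}   # display-name keyword -> domain it must come from
RISKY_EXT = (".zip", ".exe", ".docm", ".xlsm")
URGENT = ("urgent", "immediately", "gift card", "wire transfer")
# Simple pattern for well-formed anchors; a production filter should use an HTML parser.
ANCHOR = re.compile(r'<a\s[^>]*href\s*=\s*["\']([^"\']*)["\'][^>]*>(.*?)</a>', re.I | re.S)

def host(url):
    """Lower-cased hostname of a URL or bare www. address, without a leading www."""
    h = urlparse(url if "://" in url else "//" + url).hostname or ""
    return re.sub(r"^www\.", "", h.lower())

def slam(msg):
    """Return [(letter, reason)] for each SLAM check the message fails."""
    out, html = [], ""
    name, addr = parseaddr(str(msg["From"]))
    dom = addr.rpartition("@")[2].lower()
    for brand, real in BRANDS.items():            # S: display name vs. real address
        if brand in name.lower() and dom != real and not dom.endswith("." + real):
            out.append(("S", f"display name {name!r} but address is @{dom}"))
    for part in msg.walk():
        fn = (part.get_filename() or "").lower()
        if fn.endswith(RISKY_EXT):                # A: risky attachment types
            out.append(("A", f"attachment {fn}"))
        elif part.get_content_type() == "text/html":
            html += part.get_content()
    for href, text in ANCHOR.findall(html):       # L: visible text vs. real target
        text = text.strip()
        if re.match(r"(https?://|www\.)", text, re.I) and host(text) != host(href):
            out.append(("L", f"text shows {host(text)}, link goes to {host(href)}"))
    if any(w in (str(msg["Subject"]) + html).lower() for w in URGENT):
        out.append(("M", "urgency or payment-pressure wording"))   # M: pressure
    return out

def sample():
    """Constructed test message modelled on the fake Amazon sender described above."""
    m = EmailMessage()
    m["From"] = '"Amazon Customer Service" <amazonsupport@outlook.com>'
    m["Subject"] = "Urgent: confirm your order"
    m.set_content('<p>Act immediately: <a href="http://amaz0n-orders.example/login">'
                  'https://www.amazon.com/orders</a></p>', subtype="html")
    m.add_attachment(b"PK", maintype="application", subtype="zip", filename="invoice.zip")
    return m
```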

Why SLAM Works for Employees Everywhere

Phishing attacks aren’t just a big-business problem. In fact, small and mid-sized businesses are often targeted because attackers know they may not have dedicated cybersecurity resources in-house.

Because so much data is part of doing business today, small businesses can use the SLAM method to better identify social engineering operations. These are cases where hackers might pose as customers or suppliers in order to build trust and get employees to share sensitive information.

Training your staff to SLAM every suspicious email is a cost-effective, easy-to-implement step toward better cybersecurity. It reduces the likelihood of successful phishing attempts and helps your team stay alert and confident.

What Happens If Someone Still Clicks?

Human error is a part of life. Even with the right training, mistakes can happen. That’s why SLAM should be considered a preventive measure as part of a broader cybersecurity strategy that includes:

  • Endpoint protection and antivirus
  • Regular backups
  • Email filtering tools
  • Business continuity and incident response planning

The Right IT Partner Has Your Back on Email Security

At Lighthouse, our managed IT services team builds layered defenses and provides proactive support, so one mistake doesn’t turn into a major disaster.

Whether we’re managing your entire technology environment, supporting your internal team with co-managed services, or helping you hire a new IT director or systems administrator, we’re here to help you stay protected.
