What is the SLAM Method? Identify Phishing Emails with SLAM Method

What is the SLAM Method? Identify Phishing Emails with SLAM Method
Table of Contents
    Add a header to begin generating the table of contents

    SLAM method stands for: Stop, Look, Ask, and Manage. The method is four step framework that involves double-checking the Sender, Link, Attachment, and Message.


    What is the SLAM Method?

    The SLAM method provides a simple and effective framework for identifying phishing emails through careful inspection and verification of key details. As phishing attacks continue to rise in frequency and sophistication, following the SLAM approach is an important line of defense for both organizations and individuals against the threat of data breaches.

    SLAM Method Meaning

    The acronym SLAM stands for Stop, Look, Ask, and Manage – each step guiding the user through a process when receiving an unfamiliar or potentially fraudulent email.

    STOP Before Action!

    The first “S” emphasizes the importance of stopping before taking any actions like clicking links or opening attachments. Too often users are impatient and fail to scrutinize emails properly. By pausing to systematically analyze the details, many phishing attempts can be spotted.

    LOOK Closely for Red Flags

    When stopping to look, the “L” instructs users to examine the sender address closely. Cyber criminals often spoof legitimate domains to trick recipients, so users must hover over sender addresses to check for misspellings or unusual domains that could indicate spoofing. Additionally, the email body should be inspected for any suspicious requests for sensitive information or login credentials through a provided link. Phishing emails frequently use a sense of urgency or fake technical issues to manipulate recipients.

    ASK The Experts

    If unsure after carefully looking at an email, the “A” advises users to ask a trusted source like the IT department for a second opinion before proceeding. When in doubt about an email’s authenticity, never open attachments or click links, as these are common routes for installing malware. Consulting technical experts helps validate emails and avoid risky actions.

    MANAGE According to Best Practices

    The M in the slam methods stands for “Management”. This point emphasizes the importance of proper email management. Any phishing attempts identified through the SLAM process must then be reported to IT and deleted from the user’s inbox and devices. Not only does this help limit damage from the initial email, but also allows security teams to monitor phishing trends and block similar trickery in the future.

    SLAM Method in Action

    Here is a sample case example of the SLAM method:

    Stop

    John receives an email from his bank while busy at work. Instead of opening it immediately, he stops and pauses to carefully inspect the message first.

    Look

    When John looks and hovers over the sender address in the email, he notices it says bankofameriaca.com instead of his actual bank’s domain. This flags it as potentially fake.

    Ask

    Unsure if the email is legitimate, John forwards it to his company’s IT help desk and asks for verification. They confirm it is fraudulent after checking the dodgy domain name.

    Manage

    With the phishing attempt now identified, John manages and deletes the email from his inbox without clicking any links inside it. He also files a report with IT so they are aware of the spoofing attempt.

    Conclusion

    When consistently applied by users throughout an organization, the straightforward SLAM methodology makes it significantly harder for phishing schemes to succeed.

    Combined with preventative technical controls and ongoing user training, following this strategic email screening protocol strengthens defenses against growing cyber threats and supports compliance with regulations around data protection.

    For more on phishing attacks, read our guide on phishing and spear phishing!

    Related Posts