SLAM: Identify phishing emails and texts

Oct 12, 2023 | cybersecurity, phishing

The SLAM Method is an easy acronym to help remember what to look for to identify messages that could lead you down a what’s not quite a primrose path.

Phishing emails, or smishing in the case of SMS or text messages, are crafted messages designed to mislead the recipient into giving up confidential information and are a common root of over a third of all security breaches. Don’t think there’s much risk? Think again! According to IBM’s Cost of a data breach, 3.4 billion phishing emails are sent out every day. Most of these are generalized and blasted out to a large and random audience. With some social engineering, and recognizance though, cybercriminals can craft highly tailored messages to specific individuals. These are known as spear phishing attacks.

OK, so there are lots of phishing emails out there, but why be concerned? The global average cost of a data breach in 2023 has been 4.45 million US dollars and reflects a 15% increase just since 2020. The same report notes that the average time to detect an attack is 217 days. In 2023, the number of reported data breaches worldwide has been skyrocketing. According to TechRadar, 2023 Q1 saw 41.6 million (known) account breaches, but in Q2, that number jumped to 110.8 million accounts around the world. Of those numbers, The US saw an astronomical jump by 830% between Q1 and Q2. It’s important to understand that not all breaches are immediately known or reported publicly. We hear about the big corporations on the news, but not all. With numbers like these, there wouldn’t be time to take them all in.

What is the SLAM Method?

So, now that we have your attention, how do you tell if an email or text is phishing? The SLAM Method helps. SLAM stands for Sender, Links, Attachment, and Message. It’s a straightforward yet incredibly effective approach to recognizing and safeguarding against phishing attacks. Here’s how it works:

  1. Sender: Always scrutinize the sender’s email address. Cybercriminals often impersonate trusted organizations or individuals. Verify that the sender’s email is legitimate and matches the expected source. Note that the display name can be crafted to anything, it’s the actual address you want to look at.
  2. Links: Be cautious of any links embedded in emails. Hover your mouse over them to preview the actual URL before clicking. Ensure the link destination matches the purported content and is from a trusted source. See notes below on further inspection of URLs.
  3. Attachment: Think twice before opening email attachments, especially if you weren’t expecting them. Cybercriminals often use malicious attachments to infect your device. Confirm the sender’s legitimacy and the file’s relevance before opening. If anything about the attachment seems unusual such as file type, name, size, etc., confirm before clicking.
  4. Message: Pay close attention to the email’s content. Look for spelling errors, unusual language, or requests for sensitive information. Be wary of urgent or suspicious requests for personal or financial data.

While these steps don’t exactly apply to text messages, similar principals apply. Does the sender make sense? Is content reasonable? It’s not possible to hover over a link on your phone the way you can on a computer, and links can be crafted to hide the actual link by using a link shortener. Shortened links present reason for further concern. For example, becomes Both lead to our previous blog, but you can’t tell by looking at the second one or hovering over it. Use an expander tool online to find out what the actual URL is—and still inspect it closely for content, typos, etc.

Do you find this tip helpful? We have more! Contact us to see how easy it is to implement a training program for your team and avoid a breach that will cost you time, money and reputation.

Image by Jonathan Hammond from Pixabay

Essential Tech Solutions logo


Mon - Fri: 9 AM- 5 PM
By appointment
Sat- Sun: Closed