What does SLAM stand for in cyber security

What does the abbreviation SLAM mean?

The acronym SLAM can be used as a reminder of what to look for to uncover likely phishing emails. SLAM stands for:

  • sender
  • links
  • attachments,
  • message


If hackers send phishing emails , they often mimic the email address of a trusted sender in order to force recipients to open the email. Therefore, it is essential to check the sender’s email address before opening an unsolicited email. To verify the validity of the email address, recipients should aim the mouse pointer at the sender’s name to find out where the email came from before opening it. It is a good idea to scrupulously check for misspellings in the trustee’s name or the company’s name. It is also important to note that emails from companies usually include the name of the company in the domain address. For example, an email from [email protected]. com does not appear to be a legitimate Microsoft email address.


Phishing emails in most cases include links which allow attackers to
steal the recipient’s credentials and infiltrate their network. As with the sender’s email address, the links in the email should be checked to see if the link is legitimate. is the URL genuinely directing you to the page it is talking about? Are there any typos in the link address? in addition, it is recommended that you don’t click the hyperlink in the email itself, but go directly to the company’s internet site. For instance, many phishing emails incorrectly state that your login credentials to the conditioned company have been compromised, and the body of the email contains a hyperlink to reset.

However, when you click that link, you are exposing your credentials to a hacker. because most people use the same login credentials on different platforms, by stealing your credentials in one incident, it is likely that hackers will gain access to your other credentials. Whenever you receive an email telling you that your login credentials have been compromised or that you need to reset your password, you should manually enter the company’s internet site into your web browser. This way, you can be sure that you are on a legitimate website, which will prevent the theft of your credentials.


Never open email attachments from a sender you don’t know. although even if you do know the sender, you shouldn’t disclose unnecessary attachments. Hackers often send harmful attachments by using the contact list of a compromised email address to infiltrate the recipient’s system. It’s unlikely that a firm would send email attachments without warning. If you want to examine the reliability of an email attachment, you should contact the sender directly to confirm that the attachment sent was legitimate.


However, phishing emails have become more sophisticated over the years and the content of the email itself can often be dead evidence. Phishing emails often contain general greetings, typos, grammatical errors or incomprehensible wording. You should not believe emails containing any of the above.

What to Do When You Recognize a Phishing Email

While it will help you to use the SLAM method to identify phishing emails, it’s also good to know what to do when you recognize a phishing email.

Mark the email as spam
Inform management about the phishing attempt so that they can alert other management personnel.
Inform your IT department or MSP about the message so that they will blacklist the sender’s domain addresses.
Do not forward this email to anyone else.

Leave a Reply

Your email address will not be published. Required fields are marked *