As we continue our blog series on the SLAM method for spotting dangerous emails, we’ll look at the L in SLAM this week. The letter L stands for Links. Links can come in a variety of forms. These include hyperlinked words in the body of an email message. Likewise, email senders will often embed links in buttons that say things like Click Here or Unsubscribe. In other instances, the entire email message may be a hyperlink, and clicking anywhere on the email message could take you to a fictitious web page or initiate a malware download. This underscores why vetting emails is essential for staying safe online.
As a recap, the letters in SLAM stand for the following:
S – Sender of the email
L – Links found in the body of the email
A – Attachments to the email
M – Message of the communication
So how can you protect yourself from malicious links in email messages?
Investigate where the link would take you? You can safely do this by hovering your mouse over the link without clicking anything. Does the path for the link make sense for the context of the email? For instance, let’s say you receive an email from your employer prompting you to click a link to update your password. When you hover your mouse over the link, it says trojanhorse.sneaky.com. Avoid clicking this link!
In some cases, when you hover your mouse over a link, it may seem like it could be legitimate, but you’re not 100% certain. When this happens, contact the sender to verify their request. However, don’t reply to the suspicious email. Instead, contact the sender via a different method like phone, text, or messenger. Verifying the legitimacy of the request with the sender can save you a lot of trouble.
While links can be a convenient way of getting to places quickly, we cannot always trust them. Remember, vetting links is only one aspect of the SLAM method. Following all the SLAM components is essential when it comes to email security.
In our next installment in this blog series, we’ll look at the A in the SLAM mnemonic. In the meantime, if you’d like assistance with cybersecurity training, consider contacting a cybersecurity training company. For example, Athreon can help you minimize online risks and strengthen your organization’s cybersecurity. Contact Athreon at 800.935.0973 or service@athreon.com for more details and a no-cost cybersecurity consultation.