Many of us get more emails now than ever. While most are legitimate messages from your colleagues, clients, and suppliers, others are from bad actors. Scammers regularly aim to take advantage of us by tricking us into divulging sensitive data through their phishing attempts. Fortunately, there is a tool that helps separate trustworthy emails from unsafe ones. The tool is a mnemonic device called SLAM. SLAM goes like this:
S – Sender of the email
L – Links found in the body of the email
A – Attachments to the email
M – Message of the communication
Over the next four weeks, we’ll break down each letter in the SLAM mnemonic. This week we’ll begin with the letter S, which stands for Sender. When it comes to the Sender of an email, there are three items to consider:
The display name is the name that appears to help you quickly identify who the sender is. It could be Mary Poppins or Jake or Customer Support. Be mindful that the display name is customizable, so the sender can change it to suit their objective. Imposters often use a misleading display name to trick email recipients into trusting them.
Scammers create misleading email addresses, so checking them is essential. Ask yourself if the email address coincides with earlier emails you’ve received from the sender. For instance, if you work for Acme Corporation and you receive a work email from hummanresources@acme.com, should you open it? The misspelling of ‘human’ signals you shouldn’t.
The domain associated with an email is another telltale sign of how trustworthy it is. For example, if your boss has only ever emailed you from your employer’s business domain, but you unexpectedly receive a request from them via a Gmail account, it makes sense to ask your boss if the request is legitimate.
Vetting senders is critical to help you avoid taking the bait with email phishing attempts. In our next installment, we’ll look at what you need to know about email links. In the meantime, if you need help with cybersecurity training, contact a cybersecurity training company like Athreon. Athreon is one of the best cybersecurity training businesses that can help you strengthen your cybersecurity posture. Contact Athreon at 800.935.0973 or service@athreon.com for more details and a free cybersecurity consultation.