Why has phishing remained such a large threat for so long? Because it continues to work. Scammers evolve their methods as technology progresses, employing AI-based tactics to make targeted phishing more efficient.
If phishing didn’t continue returning benefits, then scammers would move on to another type of attack. But that hasn’t been the case. People continue to get tricked.
In May of 2021, phishing attacks increased by 281%. Then in June, they spiked another 284% higher.
Studies show that as soon as 6 months after a person has been trained on phishing identification, their detection skills can begin waning as they forget things.
Give employees a “hook” they can use for memory retention by introducing the SLAM method of phishing identification.
What is the SLAM Method for Phishing Identification?
One of the mnemonic devices known to help people remember information they are taught is the use of an acronym. SLAM is an acronym for four key areas of an email message that should be checked before trusting it. These are:
S = Sender
L = Links
A = Attachments
M = Message text
By giving people the term “SLAM” to remember, it’s quicker for them to do a check on any suspicious or unexpected email without missing something important.
All they need to do is run down the cues in the acronym.
S = Check the Sender
It’s important to check the sender of an email thoroughly. Often scammers will either spoof an email address or use a look-alike address that people easily mistake for the real thing.
You can double-click on the sender’s name to ensure the email address is legitimate.
L = Hover Over Links Without Clicking
Hyperlinks are popular to use in emails because they can often get past antivirus/anti-malware filters.
You should always hover over links without clicking on them to reveal the true URL. This often can immediately call out a fake email scam due to them pointing to a strangely named or misspelled website.
A = Never Open Unexpected or Strange File Attachments
Never open strange or unexpected file attachments, and make sure all attachments are scanned by an antivirus/anti-malware application before opening.
M = Read the Message Carefully
If you rush through a phishing email, you can easily miss some telltale signs that it’s a fake, such as spelling or grammatical errors.
Look for words or phrases not normally used by the person who’s emailing you. Words like “kindly” and “revert” are tell-tale clues the email come from someone who’s not your normal sender.
Also, be on the lookout for pressure to act quickly or unexpected banking change requests. While it happens, it is rare for a company to change banks without months of advance notice.
Get Help Combatting Phishing Attacks
Both awareness training and security software can improve your defenses against phishing attacks. Contact us today to discuss your email security needs.