Skip to main content

SLAM Method Improves Phishing Detection

Open laptop with phishing hook attached to email

Email phishing continues to be at the top of the list for the security awareness training we do with our clients at Omni. For the last decade or two, phishing has been the main delivery method for all types of attacks. Ransomware, credential theft, database breaches, and more launched via a phishing email.

So, why has phishing remained such a large threat for so long? Because it continues to work! Scammers evolve their methods as technology progresses. They use AI-based tactics to make targeted phishing more efficient, for example.

If phishing didn’t work, scammers would move on to another type of attack. People continue to get tricked. They open malicious file attachments, click on dangerous links, and reveal passwords. At Omni, we see it every day. A client calls in a panic because clicked on a malicious email. The scariest ones are the clients that don’t realize they did anything wrong.

In May of 2021, phishing attacks increased by 281%. Then in June, they spiked another 284% higher.

Phishing detection skills wane as soon as 6 months after training. Employees begin forgetting what they've learned, and cybersecurity suffers as a result.

To combat this, we recommend giving employees a “hook” they can use for memory retention. We call it the SLAM Method of phishing identification

SLAM Method for Phishing Email Identification

Mnemonic devices help people remember information. In this case the device is the use of an acronym to describe the steps used to determine if an email is legit or phishing. SLAM is an acronym for four key areas of an email message to check before trusting it.

These are:

S = Sender
L = Links
A = Attachments
M = Message text

By giving people the term “SLAM” to use, it’s quicker for them to check a suspicious email. This device helps them avoid missing something important. All they need to do use the cues in the acronym.


It’s important to check the sender of an email thoroughly. Often scammers will either spoof an email address or use a look-alike. People often mistake a spoofed address for the real thing.

In this phishing email below, the email address domain is “” The scammer is impersonating Bank of America. This is one way that scammers try to trick you, by putting the real company’s URL inside their fake one.

Sample phishing email from Bank of America imposter

The email is very convincing. It has likely fooled many people into divulging their personal details. People applying for a credit card provide a Social Security Number, income, and more.

However, doing a quick search on the email address, quickly reveals it to be a scam. And a trap used in both email and SMS phishing attacks.

Screenshot of a Google Search

It only takes a few seconds to type an email address into Google (or any search engine). This allows you to see if any scam warnings come up indicating this could be a phishing email.


Hyperlinks in the form of words, images, and buttons are popular to use in emails. They can often get past antivirus/anti-malware filters. Those filters are looking for file attachments that contain malware. But a link to a malicious site doesn’t contain any dangerous code. Instead, it links to a site that does. Therefore, Omni recommends computer users hover over links with a mouse WITHOUT clicking to reveal their destination. This can immediately call out a fake email scam. Does it look suspicious? 

Example of a phishing email from Amazon imposter

When looking at email on a mobile device, it can be trickier to see the URL without clicking on it. There is no mouse like there is with a PC.  In this case, it’s best not to click the URL at all. Instead go directly to the purported site to check the validity of the message.


File attachments are still widely used in phishing emails. Messages may have them attached, promising a large sale order. The recipient might see a familiar word document and open it without thinking.

It’s getting harder to know what file formats to avoid opening. Cybercriminals have become savvier about infecting all types of documents with malware. At Omni, we have even seen PDFs with malware embedded.

Our recommendation is to never open strange or unexpected file attachments. Contact the sender to confirm authenticity or use an antivirus/anti-malware application to scan all attachments before opening.


We’ve gotten great at scanning through text as technology has progressed. This can allow our brains compensate for misspellings and bad grammar. But if you rush through a phishing email, you can miss some telltale signs that it’s a fake.

Look at the phishing example posted above in the “Links” section. There is an error in grammar in the second sentence. Did you spot it?

It says, “We confirmation that your item has shipped,” instead of “We confirm that your item has shipped.” These types of errors can be hard to spot but are a certainly a red flag that the email is not legitimate.

We're Here to Help Combat Phishing Attacks

Both awareness training and security software can improve your defenses against phishing attacks. Omni Strategic Technologies is committed to helping your business avoid the costly mistake of phishing attacks. Contact us today to discuss your email security needs.

Featured Image by DIDIER PETIT from Pixabay

Keep Reading