The New NIST Phish Scale, Revealing Why End Users Click



Shanee T. Dawkins, Kristen Greene, Jody L. Jacobs


Developed based on over 4 years of NIST phishing training data, the NIST Phish Scale is a DIY method for rating human phishing detection difficulty – key to understanding variability in phishing click rates. This talk will cover why users click, why it’s important to understand phishing detection difficulty, and how to use the NIST Phish Scale. Understanding what emails your users are susceptible to will help you better defend against phishing attacks in the wild.


phishing, usability, usable cybersecurity, cybersecurity


Dawkins, S., Greene, K. and Jacobs, J. (2020), The New NIST Phish Scale, Revealing Why End Users Click, [online], (Accessed May 30, 2024)



Created October 21, 2020, Updated November 5, 2020