Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

The New NIST Phish Scale, Revealing Why End Users Click

Published

Author(s)

Shanee T. Dawkins, Kristen Greene, Jody L. Jacobs

Abstract

Developed based on over 4 years of NIST phishing training data, the NIST Phish Scale is a DIY method for rating human phishing detection difficulty – key to understanding variability in phishing click rates. This talk will cover why users click, why it’s important to understand phishing detection difficulty, and how to use the NIST Phish Scale. Understanding what emails your users are susceptible to will help you better defend against phishing attacks in the wild.

Keywords

phishing, usability, usable cybersecurity, cybersecurity

Citation

Dawkins, S. , Greene, K. and Jacobs, J. (2020), The New NIST Phish Scale, Revealing Why End Users Click, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=931366 (Accessed October 11, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created October 21, 2020, Updated November 5, 2020