The New NIST Phish Scale, Revealing Why End Users Click

Shanee T. Dawkins; Kristen Greene; Jody L. Jacobs

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

The New NIST Phish Scale, Revealing Why End Users Click

Published

October 22, 2020

Author(s)

Shanee T. Dawkins, Kristen Greene, Jody L. Jacobs

Abstract

Developed based on over 4 years of NIST phishing training data, the NIST Phish Scale is a DIY method for rating human phishing detection difficulty key to understanding variability in phishing click rates. This talk will cover why users click, why its important to understand phishing detection difficulty, and how to use the NIST Phish Scale. Understanding what emails your users are susceptible to will help you better defend against phishing attacks in the wild.

Pub Type

Talks

Download Paper

Local Download

Keywords

phishing, usability, usable cybersecurity, cybersecurity

Usability and human factors and Cybersecurity

Citation

Dawkins, S. , Greene, K. and Jacobs, J. (2020), The New NIST Phish Scale, Revealing Why End Users Click, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=931366 (Accessed May 18, 2025)

Issues

If you have any questions about this publication or are having problems accessing it, please contact [email protected].

Created October 21, 2020, Updated November 5, 2020

The New NIST Phish Scale, Revealing Why End Users Click

Author(s)

Abstract

Download Paper

Keywords

Citation

Additional citation formats

Issues