NOTICE: Due to a lapse in annual appropriations, most of this website is not being updated. Learn more.
Form submissions will still be accepted but will not receive responses at this time. Sections of this site for programs using non-appropriated funds (such as NVLAP) or those that are excepted from the shutdown (such as CHIPS and NVD) will continue to be updated.
An official website of the United States government
Here’s how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Peering into the Phish Bowl: An Analysis of Real-World Phishing Cues
Published
Author(s)
Lorenzo Neil, Shanee Dawkins, Jody Jacobs, Julia Sharp
Abstract
Organizations use simulated phishing awareness train-ing exercises to help users identify, detect, and defend against the ever-changing phishing threat landscape. Realistic phishing emails are used to test users' ability to spot a phish from visible cues. However, there are no metrics aimed at classifying the saliency of these visual cues. In this research, we analyzed different types of cues present in real-world phishing emails. The most common cues and cue types are presented, along with the frequency of their use in real-world phishing emails.
Proceedings Title
Proceedings of the Nineteenth Symposium on Usable Privacy and Security
Conference Dates
August 6-8, 2023
Conference Location
Anaheim, CA, US
Conference Title
Nineteenth Symposium on Usable Privacy and Security
Neil, L.
, Dawkins, S.
, Jacobs, J.
and Sharp, J.
(2023),
Peering into the Phish Bowl: An Analysis of Real-World Phishing Cues, Proceedings of the Nineteenth Symposium on Usable Privacy and Security, Anaheim, CA, US, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=956178
(Accessed October 13, 2025)