Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Phishing for User Context: Understanding the NIST Phish Scale

Published

Author(s)

Shanee Dawkins, Jody Jacobs

Abstract

The NIST Phish Scale is a method for measuring human phishing detection difficulty, providing a metric – a phishing email detection difficulty rating – for phishing training implementers to gain a better understanding of the variability in click rates resulting from their phishing training exercises. This talk will give an overview of the role user context plays in phishing detection and how our research led to the creation of the NIST Phish Scale. We will also present the NIST Phish Scale in detail, highlighting new ways to apply it in phishing awareness programs.
Proceedings Title
Federal Information Security Educators (FISSEA) Summer Virtual Forum 2023
Conference Dates
August 23, 2023
Conference Location
Gaithersburg, MD, US

Keywords

phishing, NIST Phish Scale, user context, human factors

Citation

Dawkins, S. and Jacobs, J. (2023), Phishing for User Context: Understanding the NIST Phish Scale, Federal Information Security Educators (FISSEA) Summer Virtual Forum 2023, Gaithersburg, MD, US, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=956439 (Accessed September 25, 2023)
Created August 23, 2023, Updated September 14, 2023