Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.


The New NIST Phish Scale, Revealing Why End Users Click

October 22, 2020


Shanée Dawkins - NIST
Jody Jacobs - NIST
Kristen Greene - NIST


Developed based on over 4 years of NIST phishing training data, the NIST Phish Scale is a DIY method for rating human phishing detection difficulty – key to understanding variability in phishing click rates. This talk will cover why users click, why it’s important to understand phishing detection difficulty, and how to use the NIST Phish Scale. Understanding what emails your users are susceptible to will help you better defend against phishing attacks in the wild.

Related Topics

Security and Privacy: awareness training & education, phishing

Applications: cybersecurity education, cybersecurity workforce

Created November 30, 2023