August 23, 2023
Shanée Dawkins - NIST
Jody Jacobs - NIST
The NIST Phish Scale is a method for measuring human phishing detection difficulty, providing a metric – a phishing email detection difficulty rating – for phishing training implementers to gain a better understanding of the variability in click rates resulting from their phishing training exercises. This talk will give an overview of the role user context plays in phishing detection and how our research led to the creation of the NIST Phish Scale. We will also present the NIST Phish Scale in detail, highlighting new ways to apply it in phishing awareness programs.