/* ---- Google Analytics Code Below */

Friday, September 25, 2020

Measuring Why Users Click on Fraudulent Emails

 What seems a useful measurement scale for understanding this.  Its still very basic behavior.

The Phish Scale: NIST-Developed Method Helps IT Staff See Why Users Click on Fraudulent Emails


Researchers at the U.S. National Institute of Standards and Technology (NIST) have developed the Phish Scale, which could help organizations better train their employees to avoid being deceived by seemingly trustworthy emails. The scale is designed to help information security officers better comprehend click-rate data, in order to gauge phishing training programs' effectiveness more accurately. NIST's Michelle Steves said, "The Phish Scale is intended to help provide a deeper understanding of whether a particular phishing email is harder or easier for a particular target audience to detect." The scale employs a rating system based on message content in a phishing email, highlighting five elements rated on a 5-point scale associated with the scenario's premise. Trainers use the overall score to analyze their data and rank the phishing exercise's difficulty level as low, medium, or high.  ... "

No comments: