Did you know that scientists are currently studying the factors that make users click on a phishing email? Our friends at NIST have developed the Phish Scale by studying the behavior of 5000 users to identify cues that help someone spot a malicious email. The fewer cues there are the more effective the phish is.
“As organizations continue to invest in phishing awareness training programs, many Chief Information Security Officers (CISOs) are concerned when their training exercise click rates are high or variable, as they must justify training budgets to those who question the efficacy of training when click rates are not declining. We argue that click rates should be expected to vary based on the difficulty of the phishing email for a target audience. Past research has shown that when the premise of a phishing email aligns with a user’s work context, it is much more challenging for users to detect a phish. ” — A Phish Scale: Rating Human Phishing Message Detection Difficulty
Watch to learn more: https://csrc.nist.gov/CSRC/media/Projects/usable-cybersecurity/images-media/Introducing_Phish_Scale__Video_Download.mp4
Our offering: Unlimited Technology offers Cybersecurity Awareness Training to help you empower your workforce to make secure decisions in high pressure situations. A well trained workforce will decrease your exposure to online fraud. Contact us for more information at Info@utglobal.com.