The National Institute of Standards and Technology (NIST) has created a new method that organizations may use to protect themselves from phishing, a cyber attack that uses emails with malicious links potentially containing malware.
The method, known as The Phish Scale, is designed to inform explanations behind the click rates of links found in phishing emails, the National Institutes of Standards and Technology said Thursday.
“The Phish Scale is intended to help provide a deeper understanding of whether a particular phishing email is harder or easier for a particular target audience to detect,” said Michelle Steves, a NIST researcher.
NIST used a rating system that bases results on cues seen in a phishing email's content. These cues may serve as factors that convince individuals to perceive the email as legitimate.
Steves and fellow researcher Kristen Greene said NIST needs other parties, including those outside the public sector, to provide more data for Phish Scale's further development. The additional data would expand the scale's use to include a wider range of operational scenarios.