NIST Introduces New Method to Assess Phishing Cases

NIST Introduces New Method to Assess Phishing Cases
Cyber Attack

The National Institute of Standards and Technology (NIST)  has created a new method that organizations may use to protect themselves from phishing, a cyber attack that uses emails with malicious links potentially containing malware. 

The method, known as The Phish Scale, is designed to inform explanations behind the click rates of links found in phishing emails, the National Institutes of Standards and Technology said Thursday.

“The Phish Scale is intended to help provide a deeper understanding of whether a particular phishing email is harder or easier for a particular target audience to detect,” said Michelle Steves, a NIST researcher.

NIST used a rating system that bases results on cues seen in a phishing email's content. These cues may serve as factors that convince individuals to perceive the email as legitimate.

Steves and fellow researcher Kristen Greene said NIST needs other parties, including those outside the public sector, to provide more data for Phish Scale's further development. The additional data would expand the scale's use to include a wider range of operational scenarios.

You may also be interested in...

Merel Ekelhof

Merel Ekelhof Joins JAIC as Foreign Exchange Officer; Lt. General Michael Groen Quoted

Merel Ekelhof, formerly an artificial intelligence innovation manager at the Defense Materiel Organization Joint IV Commando in the Netherlands, has been appointed foreign exchange officer at the Department of Defense's (DoD) Joint Artificial Intelligence Center (JAIC). Ekelhof will handle issues on AI ethics, policy, governance and international partnerships as part of the center's strategy and policy team.