Phishing Evaluation

Introduction

After a phishing campaign has been completed, it is time to give the obtained data to the customer. Furthermore, most customers need a grade in order to explain to their superiors how bad the results have been.

Thus, you must provide your customers with an objective result based on a comprehensive analysis of the phishing campaign's outcomes.

Result analysis

First, let's assign some values to the actions appearing on GoPhis.

Phishing actionsValue

Open the email

1

Click on the email link

3

Write credentials on the phishing page

5

Then, obtain the highest value achieved in a phishing campaign and obtain a set of intervals in which the grades will be divided.

The highest can be achieved with the following formula.

MaximumScore=NumEmailsSentโˆ—โˆ‘ScoreOfEachAction=NumEmailsSentโˆ—8MaximumScore = NumEmailsSent*\sum Score Of Each Action=NumEmailsSent*8

After that, assign the percentages of victims required to obtain a certain grade, as can be seen in this table:

Business Size (BS)/Intervals100000 Employees10000 Employees1000 Employees100Employees10 Employees

Excellent

0,20%

1%

1%

%1

10%

Acceptable

0,35%

1,5%

3%

5%

20%

Improvable

0,5%

5%

5%

10%

30%

Unsatisfactory

1%

10%

15%

20%

40%

Each value represents the maximum number of employees who must complete every action that makes up the phishing campaign to obtain the security level.

For example, a company with between 1,000 and 10,000 employees must have a maximum of 1% of employees completing all actions to be considered to have an excellent level of security.

After that, the intervals are determined using the following formula:

LevelInterval

Excellent

[0 , MaxScore*BS[Excellent] [

Acceptable

[ MaxScore*BS[Excellent] , MaxScore*BS[Acceptable] [

Improvable

[ MaxScore*BS[Acceptable] , MaxScore*BS[Improvable] [

Unsatisfactory

[ MaxScore*BS[Improvable] , MaxScore*BS[Unsatisfactory] [

Deficient

[MaxScore*BS[Unsatisfactory], MaxScore ]

The value of the phishing campaign is calculated with the following formula:

PhishinScore=โˆ‘PhishingActions(ActionValueโˆ—NumberOfVictims)PhishinScore=\sum_{Phishing Actions}(ActionValue*NumberOfVictims)

Finally, you only have to relate the score to the interval to obtain the grade.

Phishing Evaluation Template

Because this explanation may have been a bit complicated to implement, I have prepared a spreadsheet for you to play around with.

39KB
Phishing_score_calculator.ods

Last updated