# Phishing Evaluation

## Introduction

After a phishing campaign has been completed, it is time to give the obtained data to the customer. Furthermore, most customers need a grade in order to explain to their superiors how bad the results have been.

Thus, you must provide your customers with an objective result based on a comprehensive analysis of the phishing campaign's outcomes.

## Result analysis

First, let's assign a value to each of the actions that GoPhish records for a campaign.

| Phishing actions                       | Value |
| -------------------------------------- | ----- |
| Open the email                         | 1     |
| Click on the email link                | 3     |
| Write credentials on the phishing page | 5     |

Then, compute the highest value achievable in the campaign and derive from it the set of intervals into which the grades will be divided.

The maximum score is obtained with the following formula:

$$
\text{MaximumScore} = \text{NumEmailsSent} \cdot \sum \text{ScoreOfEachAction} = \text{NumEmailsSent} \cdot 8
$$

After that, assign the percentages of victims required to obtain a certain grade, as can be seen in this table:

| Business Size (BS)/Intervals | 100000 Employees | 10000 Employees | 1000 Employees | 100 Employees | 10 Employees |
| ---------------------------- | ---------------- | --------------- | -------------- | ------------- | ------------ |
| **Excellent**                | 0.20%            | 1%              | 1%             | 1%            | 10%          |
| **Acceptable**               | 0.35%            | 1.5%            | 3%             | 5%            | 20%          |
| **Improvable**               | 0.5%             | 5%              | 5%             | 10%           | 30%          |
| **Unsatisfactory**           | 1%               | 10%             | 15%            | 20%           | 40%          |

Each value is the maximum percentage of employees who may complete every action that makes up the phishing campaign for the company to obtain that security level.

For example, a company with between 1,000 and 10,000 employees must have at most 1% of its employees completing all actions to be considered to have an excellent level of security.

After that, the intervals are determined as shown in the following table; each interval is closed on the left and open on the right, except the last one, which is closed on both ends:

| Level          | Interval                                                      |
| -------------- | ------------------------------------------------------------- |
| Excellent      | \[0, MaxScore × BS\[Excellent])                               |
| Acceptable     | \[MaxScore × BS\[Excellent], MaxScore × BS\[Acceptable])      |
| Improvable     | \[MaxScore × BS\[Acceptable], MaxScore × BS\[Improvable])     |
| Unsatisfactory | \[MaxScore × BS\[Improvable], MaxScore × BS\[Unsatisfactory]) |
| Deficient      | \[MaxScore × BS\[Unsatisfactory], MaxScore]                   |

The value of the phishing campaign is calculated with the following formula:

$$
\text{PhishingScore} = \sum_{\text{Phishing Actions}} \left(\text{ActionValue} \cdot \text{NumberOfVictims}\right)
$$

Finally, you only have to relate the score to the interval to obtain the grade.
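The whole procedure above, from action values through intervals to the final grade, as an added Python example (not code from this page or from the spreadsheet below). The maximum score is computed from the action table's values, and the business-size column is chosen as the largest headcount that does not exceed the company's size; that column choice is an assumption, as the page does not state it.

```python
"""Grade a phishing campaign using the action values, business-size
thresholds and half-open intervals described above (added example)."""
from bisect import bisect_right

# Action values from the first table.
ACTION_VALUES = {"opened": 1, "clicked": 3, "submitted": 5}

# Maximum share of employees who may complete every action, per level,
# keyed by the headcount column of the business-size table.
LEVELS = ("Excellent", "Acceptable", "Improvable", "Unsatisfactory")
BUSINESS_SIZE = {
    100_000: (0.0020, 0.0035, 0.005, 0.01),
    10_000:  (0.01,   0.015,  0.05,  0.10),
    1_000:   (0.01,   0.03,   0.05,  0.15),
    100:     (0.01,   0.05,   0.10,  0.20),
    10:      (0.10,   0.20,   0.30,  0.40),
}

def size_column(employees):
    """Assumption: pick the largest column whose headcount <= employees
    (companies below 10 employees fall into the 10-employee column)."""
    sizes = sorted(BUSINESS_SIZE)
    idx = bisect_right(sizes, employees) - 1
    return sizes[max(idx, 0)]

def max_score(emails_sent):
    # MaximumScore = NumEmailsSent * sum of all action values
    return emails_sent * sum(ACTION_VALUES.values())

def phishing_score(victims):
    # PhishingScore = sum over actions of ActionValue * NumberOfVictims,
    # where victims maps an action to the number of recipients recorded for it.
    return sum(ACTION_VALUES[action] * count for action, count in victims.items())

def interval_bounds(emails_sent, employees):
    """Upper (exclusive) bound of each level's interval, in LEVELS order."""
    m = max_score(emails_sent)
    return [m * share for share in BUSINESS_SIZE[size_column(employees)]]

def grade(emails_sent, employees, victims):
    """Map the campaign score onto the interval table; above the last
    bound the campaign is Deficient."""
    score = phishing_score(victims)
    for level, upper in zip(LEVELS, interval_bounds(emails_sent, employees)):
        if score < upper:
            return level
    return "Deficient"

if __name__ == "__main__":
    # Constructed sample: 1,000 employees, 1,000 emails, GoPhish-style counts.
    sample = {"opened": 100, "clicked": 30, "submitted": 5}
    print(phishing_score(sample), grade(1000, 1000, sample))
```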

## Phishing Evaluation Template

> Because this explanation may have been a bit complicated to implement, I have prepared a spreadsheet for you to play around with.

{% file src="/files/xtDOQQH1f3PhQi29KchF" %}
