Phishing Risk Score Calculator

ANA›Life Services Authority›National Calculator Authority›Phishing Risk Score Calculator

.calc-container { max-width: 640px; margin: 2rem 0; padding: 1.5rem; background: #fff; border: 1px solid #ddd; border-radius: 8px; box-shadow: 0 1px 3px rgba(0,0,0,0.06); font-family: system-ui, -apple-system, sans-serif; } .calc-container h3 { font-family: Georgia, serif; font-size: 1.15rem; color: #1a1a1a; margin-bottom: 1rem; padding-bottom: 0.5rem; border-bottom: 2px solid var(--ac, #3d5a80); } .calc-row { display: flex; align-items: center; gap: 0.75rem; margin-bottom: 0.75rem; flex-wrap: wrap; } .calc-row label { min-width: 160px; font-size: 0.9rem; color: #333; font-weight: 500; } .calc-row input[type="number"], .calc-row select { flex: 1; min-width: 120px; max-width: 200px; padding: 0.5rem 0.6rem; border: 1px solid #ccc; border-radius: 4px; font-size: 0.9rem; font-family: system-ui, sans-serif; color: #1a1a1a; background: #fafaf8; } .calc-row input:focus, .calc-row select:focus { outline: none; border-color: var(--ac, #3d5a80); box-shadow: 0 0 0 2px rgba(26,74,138,0.12); } .calc-row .unit { font-size: 0.82rem; color: #888; min-width: 30px; } .calc-btn { display: inline-block; margin-top: 0.5rem; padding: 0.55rem 1.5rem; background: var(--ac, #3d5a80); color: #fff; border: none; border-radius: 4px; font-size: 0.9rem; font-weight: 600; cursor: pointer; font-family: system-ui, sans-serif; } .calc-btn:hover { opacity: 0.9; } .calc-result { margin-top: 1.25rem; padding: 1rem 1.25rem; background: #f0f6fc; border-left: 3px solid var(--ac, #3d5a80); border-radius: 0 6px 6px 0; display: none; } .calc-result.visible { display: block; } .calc-result-label { font-size: 0.78rem; text-transform: uppercase; letter-spacing: 0.06em; color: #666; margin-bottom: 0.25rem; } .calc-result-value { font-size: 1.6rem; font-weight: 700; color: var(--ac, #3d5a80); } .calc-result-detail { font-size: 0.85rem; color: #555; margin-top: 0.5rem; line-height: 1.5; } .calc-note { margin-top: 1rem; font-size: 0.8rem; color: #888; font-style: italic; } .calc-grid { display: grid; grid-template-columns: 1fr 1fr; gap: 0.75rem; margin-top: 0.75rem; } .calc-grid-item { padding: 0.6rem 0.8rem; background: #f8f9fa; border-radius: 4px; border: 1px solid #eee; } .calc-grid-item .label { font-size: 0.75rem; color: #888; text-transform: uppercase; letter-spacing: 0.04em; } .calc-grid-item .value { font-size: 1.1rem; font-weight: 600; color: #1a1a1a; } @media (max-width: 720px) { .calc-row { flex-direction: column; align-items: flex-start; gap: 0.3rem; } .calc-row label { min-width: auto; } .calc-row input[type="number"], .calc-row select { max-width: 100%; width: 100%; } .calc-grid { grid-template-columns: 1fr; } } .calc-chart { margin: 1rem 0; text-align: center; } .calc-chart svg { max-width: 100%; height: auto; } .calc-chart-legend { display: flex; flex-wrap: wrap; justify-content: center; gap: 0.6rem 1.2rem; margin-top: 0.6rem; font-size: 0.8rem; color: #555; } .calc-chart-legend span { display: inline-flex; align-items: center; gap: 0.3rem; } .calc-chart-legend i { display: inline-block; width: 10px; height: 10px; border-radius: 2px; font-style: normal; } .calc-related { max-width: 640px; margin: 2rem 0 1rem; padding: 1.25rem 1.5rem; background: #f8f9fa; border: 1px solid #e8e8e8; border-radius: 8px; } .calc-related h3 { font-family: Georgia, serif; font-size: 1rem; color: #1a1a1a; margin: 0 0 0.75rem; padding-bottom: 0.4rem; border-bottom: 2px solid var(--ac, #3d5a80); } .calc-related-list { list-style: none; padding: 0; margin: 0 0 0.75rem; display: grid; grid-template-columns: 1fr 1fr; gap: 0.4rem 1.5rem; } .calc-related-list li a { font-size: 0.88rem; color: var(--ac, #3d5a80); text-decoration: none; } .calc-related-list li a:hover { text-decoration: underline; } .calc-browse-all { margin: 0.5rem 0 0; font-size: 0.9rem; font-weight: 600; } .calc-browse-all a { color: var(--ac, #3d5a80); text-decoration: none; } .calc-browse-all a:hover { text-decoration: underline; } @media (max-width: 720px) { .calc-related-list { grid-template-columns: 1fr; } }

Phishing Risk Score Calculator

Estimate your organization's phishing risk score (0–100) based on employee exposure, existing security controls, and environmental threat factors. A higher score indicates greater risk.

Number of Employees Exposed to Email

Security Awareness Training Level

None Basic (annual training) Moderate (quarterly training) Advanced (monthly + simulations)

Multi-Factor Authentication (MFA) Coverage (%)

Email Filtering / Anti-Phishing Solution

None Basic spam filter Advanced (e.g. SEG with sandboxing) Enterprise AI-based filtering

Historical Phishing Click Rate (%)

Industry Threat Multiplier

General / Low-risk Retail / E-commerce Healthcare Finance / Banking Government / Defense Education

Percentage of Privileged / Admin Users (%)

Calculate Risk Score Your phishing risk score will appear here.

function phiCalc() { var employees = parseFloat(document.getElementById('phi-employees').value); var awareness = parseFloat(document.getElementById('phi-awareness').value); var mfa = parseFloat(document.getElementById('phi-mfa').value); var emailFilter = parseFloat(document.getElementById('phi-email-filter').value); var clickRate = parseFloat(document.getElementById('phi-incident-rate').value); var industry = parseFloat(document.getElementById('phi-industry').value); var privileged = parseFloat(document.getElementById('phi-privileged').value);

var errors = []; if (isNaN(employees) || employees 100) errors.push("MFA coverage must be between 0 and 100."); if (isNaN(clickRate) || clickRate 100) errors.push("Click rate must be between 0 and 100."); if (isNaN(privileged) || privileged 100) errors.push("Privileged user % must be between 0 and 100.");

if (errors.length > 0) { document.getElementById('phi-result').innerHTML = '⚠ ' + errors.join('⚠ ') + ''; return; }

// --- Core Formula --- // Base Exposure Score (0–40): driven by employee count (log-scaled) and click rate var exposureScore = Math.min(40, (Math.log10(employees) / Math.log10(1000000)) * 20 // 0–20 pts for size + (clickRate / 100) * 20 // 0–20 pts for click rate );

// Control Effectiveness Score (0–40): MFA + email filter + awareness reduce risk // Each control reduces a 40-pt pool proportionally var mfaReduction = (mfa / 100) * 15; // up to 15 pts reduction var filterReduction = (1 - emailFilter) * 15; // emailFilter is already a multiplier (lower = better) var awarenessReduction = (1 - awareness) * 10; // awareness is already a multiplier (lower = better) var controlScore = Math.max(0, 40 - mfaReduction - filterReduction - awarenessReduction);

// Privilege Amplifier (0–10): more privileged users = higher blast radius var privilegeScore = (privileged / 100) * 10;

// Raw Score (0–90) before industry multiplier var rawScore = exposureScore + controlScore + privilegeScore;

// Apply industry threat multiplier, cap at 100 var finalScore = Math.min(100, rawScore * industry);

// Risk label var label, color; if (finalScore Phishing Risk Score: ' + finalScore.toFixed(1) + ' / 100 (' + label + ')' + '' + 'Exposure Score' + exposureScore.toFixed(2) + ' / 40' + 'Control Gap Score' + controlScore.toFixed(2) + ' / 40' + 'Privilege Amplifier' + privilegeScore.toFixed(2) + ' / 10' + 'Industry Multiplier' + industry.toFixed(1) + 'x' + 'Final Score' + finalScore.toFixed(1) + ' / 100' + '' + 'Estimated employees compromised per campaign: ' + estimatedVictims + '**'; }

#### Formula

Exposure Score (0–40) = [log₁₀(Employees) / log₁₀(1,000,000)] × 20 + (Click Rate / 100) × 20

Control Gap Score (0–40) = 40 − (MFA% / 100 × 15) − ((1 − Email Filter Factor) × 15) − ((1 − Awareness Factor) × 10)

Privilege Amplifier (0–10) = (Privileged Users% / 100) × 10

Final Phishing Risk Score (0–100) = min(100, (Exposure + Control Gap + Privilege) × Industry Multiplier)

Estimated Victims per Campaign = Employees × (Click Rate / 100) × (1 − MFA / 100) × Email Filter Factor × Awareness Factor

Risk Bands: <25 = Low | 25–49 = Moderate | 50–74 = High | 75–100 = Critical

#### Assumptions & References

Phishing Risk Score Calculator

Phishing Risk Score Calculator

More Calculators

Read Next

References

Phishing Risk Score Calculator

Phishing Risk Score Calculator

More Calculators

Read Next

References

Related Authorities