When a phishing campaign is sent to test employees security awareness, the actions of the employees with regards to the phishing test are evaluated. Through the KillPhish reporting feature, employees can report when they receive a suspicious email, including the test emails.
The net reporter score is calculated by subtracting the percentage of people that failed the test from the people the percentage of people that reported the test email. The people with no actions, are not included.
% reported - % failed = NRS
This formula allows for a single number represent the if an organization’s security awareness training is helping people identify suspicious emails and report such emails to appropriate security personnel.
KillPhish is an email threat analysis and reporting tool that is included with PhishingBox subscriptions. The reporting mechanism of KillPhish is what is used to provide the reporting data to calculate the NRS. Learn more about KillPhish here.