![Holm Security Yellow.png]](https://support.holmsecurity.com/hs-fs/hubfs/Holm%20Security%20logos/Holm%20Security%20Yellow.png?height=40&name=Holm%20Security%20Yellow.png){kind=small}
How is the severity set for recipients?
The severity level applied to a user depends on the actions taken in a phishing simulation.
- Neutral
The user never opened the email. - Low
The user opened the email but didn't take any action. - Medium
The user clicked the link in the email or replied to the email. - High
The user clicked the link and/or replied to the email more than one time and, accordingly, performed both actions or one of them twice or more. - Critical
The user submitted sensitive information in a form.
Low equals no actions
In terms of severity for each individual recipient, the best outcome is low. Low has the green color because, from a business perspective, this is the most desired outcome: the user reads the email, identifies it as phishing, and avoids dangerous actions.