I have seen companies spend precious time and money training employees on how to stay safe online and how to protect company assets. I have also noticed some employees that think this kind of stuff isn’t applicable to them. What’s more, typically these employees hold some of the highest positions within the organization. This can be extremely hazardous.
Attackers understand that the bigger the ‘phish’, the bigger the prize. The bad guys will try different “bait” techniques and if you are not aware, you will get caught.
Please remember that any form of social engineering applies to everyone.