Maybe, maybe not. As for your employees, the stats are not good. According to the PCI Security Standards Council, every day 80,000 people are victimized by phishing scams from 156 million phishing e-mails sent globally – 16 million of which circumvent spam filters – resulting in 8 million scam e-mails being opened. And they come with quite a payload.
Attorney at Work carried a nice easy-to-read-and-understand post explaining phishing, baiting (for instance, leaving a flash drive containing malware in a place a user is likely to pick it up and then insert it in their computer) and pretexting (such as scam e-mail asking you to update account information or telephone calls in which criminals pretend to be the IRS requesting your information or someone pretends to be from Microsoft tech support reporting that there is something wrong with your computer that they need to fix). As for that last one, we've seen, to our surprise, several very bright attorneys fall for that scam and give the attacker access to their machines.
This should be required reading for your employees (and maybe you too)!
E-mail: firstname.lastname@example.org Phone: 703-359-0700
Digital Forensics/Information Security/Information Technology