Recently, a company called me to discuss concerns about their IT security. This company, based in the US but doing business with clients and vendors in many parts of the world, has been inundated with phishing emails. The difference here is that these phishing emails are not just generic ones that pretend to be Microsoft Office 365 or UPS trying to steal passwords, but rather, they are spear phishing. Spear phishing involves impersonating actual people associated with the company, like executives or vendors, in attempts to steal money or proprietary information. These schemes are becoming more and more common.