According to Allen Paller, director of research at the SANS Institute, 95% of all attacks on enterprise networks are the result of successful spear phishing. In other words, somebody received an email and either clicked on a link or opened a file that they weren't supposed to.
For example, Chinese hackers successfully broke into computers at The New York Times through spear phishing. So, what are the steps that IT execs can take to protect enterprise networks from spear phishing?
Source:
http://www.computerworld.com/s/article/9237383/How_to_blunt_spear_phishing_attacks