@JasonNulph @HollyGraceful Or fire the security team that didn't have enough defense and monitoring to detect and stop something major. Users need to be cautious but no user is expected to know how to inspect/predict every potential social engineering / phishing attempt. Security should plan to that