Question Authority, No, Really, Fight Spear Fishing and Clue Up Your Users

This e-week article says "Online criminals trying to pry passwords and other sensitive information out of companies have started using phony e-mails to pose as powerful executives of the targeted organizations, experts said on Wednesday.

Spear phishing can be devastatingly effective even among employees who are aware of online threats. At the U.S. Military Academy in West Point, New York, several internal tests found that cadets were all too willing to give sensitive information to an attacker posing as a high-ranking officer, said Dr. Aaron Ferguson, a visiting faculty member there.

"It's the colonel effect. Anyone with the rank of colonel or higher, you execute the order first and ask questions later"."