Its surprising that even with all the awareness being raised on security, human beings will always be the weakest link. For example today most folks at the place I work lost their yahoo accounts coz of a certain spam message which took them to a site to view some photos. A very simple exploit it was too. a field for the user name and password, form post action which is routed through a cgi script to an email address. The next stage is I would assume is to have some means of spamming all contacts...