If you wanted proof that security really is only as good as the awareness of the people working in your company, Conde Nast - publisher of Wired, Vogue, GQ, Glamour (and Ars Technica) - has the perfect example.
According to Ars Technica, the company was
the victim of a "spear-phisher"
who netted $8m from the media giant. Posing as the company's printer, Quad/Graphics, he sent an email to Conde Nast's accounts payable department, with an electronic payment authorisation form, instructing it to send payments for the printer to a specified bank account.
Between 17 November and 30 December, Conde Nast transferred $8m to the account before the scam was uncovered when the real Quad/Graphics starting asking about outstanding payments.
Luckily for Conde Nast, none of the money had actually been taken out of the account and it was able to freeze the cash until it filed a forfeiture filing on 30 March seeking to get the funds back.