Yes, I have first hand experience with this.<p>These are more sophisticated than traditional phishing attempts. They are targeted and personal. The phisher researches his target, finds out the email address of the CFO or other key people in accounting, and then targets the organization accordingly, spoofing email addresses to commit wire fraud or similar exploits.<p>The payoffs are huge, and the victims, having never been targeted before, are naive and vulnerable. One organization I was involved with lost mid-5 figures to one such scheme, and almost lost double that again before someone got wise.