We came across an article which was posted late last year by Dr Ian Levy from the National Cyber Security Centre called ‘The serious side of pranking’.
The article describes a real-world example of how Dr Levy was the target of a mock spear phishing attack by the prankster James Linton.
This is a great post that describes the simplicity involved with launching such an attack, and how easy it could be to fall victim to it. A must read for anyone, not just us security guys: