Currently, phishing is seen as one of the largest infiltration points for
businesses around the globe, but there is more to social engineering than just
phishing. Attackers may use email and USB keys to deliver malicious files to
users in the hopes of gaining access to an organization's network. Users that
are likely unaware that unsolicited files, such as a Microsoft Word document
with a macro, may be malicious and can be a major risk to an organization.
Metasploit Pro [https://rapid7.com/prod