Online security is always a top priority for companies, with many spending thousands on state of the art computer systems to protect their data and finances.
But a new study has found the real threat from cyber criminals is that now they don't even need to hack software.
It's digital espionage commonly known as 'social engineering'
Criminals are gleaning personal information from social media accounts.
To create the perfect phising email or phone call -- so convincing increasing numbers of business men and women are falling for it.
In one case a hacker targeted a CEO's PA after seeing on Instagram and Facebook that an employee of the firm had recently had a birthday party - that many within the company had attended.
An email went out pretending to be another attendee sharing photo's - that message specifically designed to install malware on her PC.
The company behind the research - Digitalis - have heard countless stories like this one....
They found that most people are aware of the risks but simply don't protect themsleves.
(SOUNDBITE) (English) DIGITALIS REPUTATION, DAVE KING, SAYING:
"It's staggering to then find out that the majority are doing nothing about it. So most business leaders will accept request from people who don't know. Most of them dont check regularly on privacy settings and most of them don't check what information is out there about them online between 50 and 60 percent don't do any of those things."
The company say even firms with state of the computer systems are being caught out.
Proving no amount of technical stop gaps can stop people from being tempted to click.