Survey: Companies with 5,000 or more employees were hit the most, 48% suffered 25 or more attacks. Phishing emails and social networking sites were cited the most common source of social engineering threats. Energy and utility companies are hit most commonly (61%) and non-profits hit the least (24%) Energy, utility companies, non-profit groups are also hit. New employees are most likely to fall for the attacks, yet only 26% of those surveyed actively train employees in how to avoid social engineering.”]