One e-mail is all it takes for the whole action to roll out like dominoes to get into the company’s data and that’s how it happened in one of the companies. Before you open your e-mail, check that all the letters of the company are exactly the same as in the name. This is very important.

https://www.theregister.co.uk/2019/11/28/datrix_phishing_attack/