[rprospero]

The COM file exploit worked because it is relatively unknown. I remember a worm going around when I was in grad school where you'd get an e-mail with a link to https://giftcard.customerservice.savemoneyonanew.tv/amazon.c.... Users who had been through the phishing training would see the HTTPS at the beginning and the amazon.com at the end and know that this was a legitimate Amazon email. The e-mail instructed them to click the link and "open the PDF file". Users would click the link, down load the COM file, and the open the file, installing malware all over the machine and forwarding the worm to all their contacts.