So, we are not supposed to click on the links sent via email? and, how can we recognize whether it's a means of spear phishing or actually send by authorized destination?