Security consultant Steve Stasiukonis was hired to test security awareness at a credit union. He loaded malicious software on some old thumb drives and left then on the ground at the parking lot at the credit union. Each time an employee used the thumb drive, it loaded software and reported who used the USB key. While this was harmless, a real criminal or hacker could have used it to compromise your security. Make sure you are making your employees aware of this trick. More information can be found here