© 2018 IADIS Press. All Rights Reserved. Spear phishing emails pose great danger to organizational employees due to the spear phisher’s skill in crafting contextually convincing emails as well as the inherent weakness of the employees in identifying the threat from spear phishing cues, which raises the question of which construct (user vulnerabilities or email contextualization) has a greater influence on the vulnerable user. Researchers have provided sufficient evidence of user vulnerabilities, namely the desire for monetary gain, curiosity of the computer user, carelessness on the part of the user, the trust reposed on the purported sender by the user, and a lack of awareness on the part of the computer user. However, the effect of the spear phisher’s ability in skillfully crafting convincing emails (using fear appeals, urgency of action, and email contextualization) to trap even skillful IT security personnel is an area that needs to be explored. Therefore, we explore the relationships between the two major factors namely ‘user vulnerabilities’ and ‘email contextualization’, through the theory of planned behavior with the objective to find out the major factors that lead to computers users biting the phishers’ bait. In this theoretical version of the paper, we provide the resulting two constructs that need to be tested.