TLDR and TLDR (too long don't listen): go take this training. Please. Now. The end.
If you want to hear more, check out today's podcast episode where I talk about all the wonderful tidbits I learned from Peter during the training, including:
Doppelganger attacks - does your target have a frequently used site like mail.company.com? Try buying up mailcompany.com with a copy of their email portal (using Social Engineer Toolkit), and the creds might come pouring in!
Get potential usable creds from old breaches (Adobe, Ashley Madison, LinkedIn, Spotify)