Mr. Rohyt Belani was kind enough to do a presentation on combining web application attacks with spear phishing at the Sept 2009 Louisville OWASP meeting (our chapter's LinkedIn page can be found here). If you are interested in finding out more about some of the topics Rohyt mentions in his presentation, check out these other videos on Footprinting/Network Recon and Exploiting Common Web App Vulnerabilities.

Full video can be downloaded from:
http://blip.tv/file/get/Irongeek-RohytBelaniPhishingAndWebappAttacksCleaned728.avi