User beware: Bin Laden sleeps with the phishes
DHS warns of themed spear-phishing attacks
- By William Jackson
- May 16, 2011
Let’s face it, if you are not a member of the National Security Council, the intelligence community or Special Forces, you really have no compelling need view photos or video of a dead Osama bin Laden, and there is no reason for you to open any e-mail offering them or click on any included links.
Still, people persist in opening and clicking.
“In the wake of large news events, it is common for malicious actors to take advantage of increased media attention by implementing associated ‘spear phishing’ attempts,” the Homeland Security Department’s National Cybersecurity and Communications Integration Center said in an alert on bin Laden-related phishing.
“These e-mails will often contain embedded links or purport to include exclusive photos or videos, either found on suspicious websites, or included as attachments or links in e-mails,” the alert states.
The NCCIC offered some tips on how to avoid falling prey to these schemes. They are not specific to bin Laden and are pretty much common sense, but given the success of phishing attacks, they apparently bear repeating:
- Be wary of unsolicited attachments, even from people you know: Just because an e-mail looks like it come from a familiar source does not mean that it did.
- Keep software up to date: install patches.
- Trust your instincts: If you are suspicious, don’t open it.
- Save and scan attachments before opening, and do not automatically download attachments.
- View e-mails in plain text: This will help restrict link functionalities that could be dangerous.
- Use firewall and filter options to block unwanted e-mails.
William Jackson is a Maryland-based freelance writer.