User beware: Bin Laden sleeps with the phishes

DHS warns of themed spear-phishing attacks

Let’s face it, if you are not a member of the National Security Council, the intelligence community or Special Forces, you really have no compelling need view photos or video of a dead Osama bin Laden, and there is no reason for you to open any e-mail offering them or click on any included links.

Still, people persist in opening and clicking.

“In the wake of large news events, it is common for malicious actors to take advantage of increased media attention by implementing associated ‘spear phishing’ attempts,” the Homeland Security Department’s National Cybersecurity and Communications Integration Center said in an alert on bin Laden-related phishing.

“These e-mails will often contain embedded links or purport to include exclusive photos or videos, either found on suspicious websites, or included as attachments or links in e-mails,” the alert states.

The NCCIC offered some tips on how to avoid falling prey to these schemes. They are not specific to bin Laden and are pretty much common sense, but given the success of phishing attacks, they apparently bear repeating:

  • Be wary of unsolicited attachments, even from people you know: Just because an e-mail looks like it come from a familiar source does not mean that it did.
  • Keep software up to date: install patches.
  • Trust your instincts: If you are suspicious, don’t open it.
  • Save and scan attachments before opening, and do not automatically download attachments.
  • View e-mails in plain text: This will help restrict link functionalities that could be dangerous.
  • Use firewall and filter options to block unwanted e-mails.


About the Author

William Jackson is a Maryland-based freelance writer.


  • automated processes (Nikolay Klimenko/

    How the Army’s DORA bot cuts manual work for contracting professionals

    Thanks to robotic process automation, the time it takes Army contracting professionals to determine whether prospective vendors should receive a contract has been cut from an hour to just five minutes.

  • Russia prying into state, local networks

    A Russian state-sponsored advanced persistent threat actor targeting state, local, territorial and tribal government networks exfiltrated data from at least two victims.

Stay Connected