It's an important reminder, only slightly less so now that RSA has reported taking down the attack, which was launched from a Chinese domain.
Make these a part of your security/usage policy if they aren't already there. If you don't have a written, enforceable security/usage policy, get one, and then make these a part of it.
Here's how this one works (or tried to):
The bogus CNN/Gaza attack starts with a e-mail containing links that guide the unwary to a site that looks most CNN-ish... until (or unless)
Visitors are prompted to download an Adobe Acrobat update. What they get is a Trojan, one that immediately starts sniffing for SSL information -- secure site visit information that gives the crooks a map of your financial and secure transactional paths.
Simple enough -- and simple enough to fall for if you, and everybody in your business isn't on-guard all the time.
If you haven't had your regular -- monthly, at least -- reminder session with everyone in your company who uses a computer, now's the time to walk them through the basics:
1. Don't read unsolicited e-mail (I'd say don't read any non-business e-mail at work, but we all know how likely that is.)