It's the department most known for fighting cybercrime, but even the best efforts to educate workers at Homeland Security sometimes fall flat.

Secretary Jeh Johnson is the administration's preacher on fighting cybercrime. It's simple stuff, he said, like "not opening the email or the attachment of the email that looks suspicious to you or you don't recog could make a difference."

To help, his department has pushed companies to create anti-spear phishing campaigns.

He told reporters this week, "employee-employer awareness education can raise that bar and make a huge difference."

But, he added, sometimes the lure is too good to resist, even inside DHS.

"In DHS, for example, we run exercises where we'll send employees emails like, 'Free Washington Redskins Tickets, Click Here,'" Johnson revealed.

"And the excited Redskins fan clicks on the attachment. They're told to report at a certain time and place to pick up their free Redskins tickets and they get a cyber security lecture instead," he said.

Paul Bedard, the Washington Examiner's "Washington Secrets" columnist, can be contacted at