These spam messages enter the user boxes with the subject lines "Switch in the car tax" and Changes in the car fee." The text of e-mails contains several grammatical mistakes and wrong spelt words. These should be the first sign for Internet users to understand that something wrong is going on with the e-mails, said Sophos.

These e-mails inform the recipients that more details are enclosed in the attached file - "CAR_DOCUMENTATION.zip." The malicious executable in the zip file is named - "CAR_DOCUMENTATION.DOC.___________.exe." Moreover, the double extension should be taken as another clue that the e-mail is bogus, according to the security experts at Sophos.

The Sophos security experts state that if the e-mail recipient doesn't delete the message immediately and downloads the malicious attachment, then there should be no surprise to find a malware on his computer. In fact, this is the aim of these messages to infect recipient's computer.

According to the Sophos security experts, these spam e-mails are specifically crafted to install Troj/Agent-NSQ on as many computers as possible so that the attackers could maximize the reach of their attacks.

Realizing the malicious nature of this spam campaign to deactivate the security and safety on the user's system, the security experts have advised computer users that they should be extremely careful and do not download any attachment as there are high possibility of malware inside the attachment.

In case the e-mail looks important (as in the present case talking about tax), the security experts state that modern web-based clients should have a virus scanning utility that scans the attachment before letting the user to download the attachment.

Lastly, users are recommended that their Internet security applications should be updated because online threats are continuously increasing. As these threats download new security software, the latest version of scanning engines could help them to deal with the problems of online threats.