A little while back we were reporting that a fake UPS invoice scam was going around, and that people who had sent parcels through UPS should be very careful about these spam messages. Well, it seems that the spammers have changed their MO and are now sending out messages that claim to be from the US Customs office.

PC users are warned to be cautions when receiving messages with the following subject lines: "Customs - We have received a parcel for you; Customs, please read; Parcel requires declaration; You parcel is at the customs office." The message may appear to be from the US customs, but it is nothing more than an attempt to get your machine infected.

The text of the message, for those of you who really want to know what the spammers come up with these days, goes something like this: "We have received a parcel for you, sent from France on July 9. Please fill out the customs declaration attached to this message and send it to us by mail or fax. The address and the fax number are at the bottom of the declaration form."

You are then invited to download Bill_Tax.zip onto your machine, but according to Sophos Laboratories this is not an archive but a Trojan named Mal/Spy-A. All Sophos security software solutions are able to detect the malware and provide adequate protection.

"Each campaign will catch out a few people, even computer literate people, because it just happens to resemble something they were expecting. Also remember that some spam campaigns are more professional than others. Some phishes are almost indistinguishable from legitimate emails. Sometimes one will slip through a spam filter, and sometimes the bank targeted will be your bank. Sometimes a random name will resemble someone you know, or the subject will coincide with something you were expecting," says Sophos.