lexicon: poisoned URL? web beacon?

[NotBuyingIt]

Spammers have a common and annoying habit of placing the following sort of spying code (derived from an actual case) in their email

Code: Select all

<img border="0" src="hXXp://BABBLEMENT.NET/c.asp?eid=spamee&#64;example.com">

As many will immediately recognize, the code causes the recipient's email address (e.g., spamee@example.com) and IP address to be transmitted to the spammer's site (e.g., BABBLEMENT.NET) whenever the email is opened, without the recipient's knowledge or permission. The data may be profiled and used for additional spam or scams or perhaps even for identity theft. Agree?

I'm unfamiliar with the jargon. What is the best term to describe this sort of spying code? I've come across poisoned URL and web beacon, but I don't know if either term is correct. In a broader sense, it is a kind of browser exploit, I guess.

[Swapfire]

I don't think this code would work on latest thunderbird and ms outlook (at least from 2003) since both won't load outside content (images too) from first time sender without owners permission. So it's not that terrifying. Thanks for letting know anyway. I didn't have an idea this is how it's actually done.

[siblingshot]

@ NotBuyingIt

Interesting.

I knew image files could be utilized as a vehicle to transmit malicious code, but I did not know the same mechanism transmitted address and IP address back to the spammer on opening. Even in Gmail, I bar remote images from untrusted sources.

As to the defining jargon, I'd be interested to see it nailed down too.

EDIT:



As for babblement.net, rated.

[Guest]

and if I remember right the first e-mail client that used HTML by default was

TA-DA'
[url=http://en.wikipedia.org/wiki/Microsoft_Internet_Mail_and_News t=_self]Microsoft Internet Mail and News[/url]

I always setup up my e-mail clients to send and revieve message as text only

[c۞g]

http://en.wikipedia.org/wiki/Web_bug

Doesn't work if email is read as text only = no HTML allowed.

[edit]
babblement.net
redirects to:
unsubyourself.net

[c۞g]

I use gmail
and have it configured not to display images

[MysteryFCM]

Correct term = beacon

[NotBuyingIt]

Much thanks!

[NotBuyingIt]

After reading all of the relies to my question, I came across this:

http://en.wikipedia.org/wiki/Web_beacon

Thanks to all.

[c۞g]

off topic; apologies

Lexicon - "specific dictionary"

would make an interesting Wiki contribution; WOT Lexicon (dictionary) related to WOt and it's functions, including security aspects.
Anyone willing and able?