Hidden code in e-mail messages is increasingly being used to track the success of spam campaigns, according to a warning by an antispam technology company. Up to 50 percent of all spam released in the last year is bugged with so-called spam beacons that send a coded message back to the spammer whenever a spam message is opened, says MX Logic of Denver. Such tracking helps spammers refine their distribution lists and weed out bad e-mail addresses from good ones.
The beacons, also known as Web bugs, are created with HTML code embedded in the e-mail. For example, the beacon may be a URL for an image file that is stored on a server controlled by the spammer. When the e-mail message is opened, the e-mail application requests the image and sends along an encoded e-mail address of the recipient. The spammer"s server responds by sending the image file to be displayed, but it also captures the e-mail address that was sent in a database of "good" addresses, says Richard Smith, an independent computer security consultant.