Sarasota PC Monitor
Tech Talk (06/03)
You Have Bugs
by Brian K. Lewis, Ph.D.*
Member of the Sarasota Personal Computer Users Group, Inc.In March the Tech Talk article in the SPCUG Monitor was all about computer parasites. There was also some refer ence to invisible web page bugs. Well, these bugs can now be found in your e-mail. They report home when you open the e-mail letter or preview it in the Microsoft Outlook/Outlook Express preview pane. This leads to an increase in Spam sent to your e-mail address. So how is this possible and how does it affect users?
To understand what is happening we need to get a better understanding of scripting and HTML languages. Don't worry, this won't turn you into programmers. However, it may help you understand what's invading your e-mail and the web pages you visit. It should also help you prevent some of this invasion of your privacy and better protect your e-mail address from spam.
First, let's define a web bug: A graphic on a Web page or in an email message that is designed to monitor who is reading the Web page or email message. A Web Bug is often invisible because they are typically only 1-by-1 pixel in size, with no color. Among the information collected is the IP address of the computer that the Web Bug is sent to, the URL of the page the Web Bug comes from and the time it was viewed. The Web Bug is also known as a 1-by-1 GIF, invisible GIF, and tracker GIF.
Next, what is HTML? This stands for HyperText Markup Language and is the language used for designing web pages. It is also being used for e-mail. If you get e-mail containing colorful banners and multi-colored images, chances are you have set your e-mail program to accept mail received in HTML format. This permits anyone sending this e-mail to embed invisible graphics (1 pixel x 1 pixel in size). The graphic is not the problem. It is the scripting language associated with the graphic that causes the problems. These languages allow small programs to run in the background without any notification to the user. You may have Windows scripting turned off, but this affects only scripts written in Visual Basic.
You have already seen the results of scripts (programs) running on web pages you have visited. On many pages when you click on an underlined link, this causes a script to run. This may open a new small window, may send you to a totally different page on the same web site or it could start the download of a file. In some instances you may see a changing ad or an automatically scrolling list. Some of these start running when the web page is loaded on your computer. Others require some action on your part. As one other example of commercial use of scripts, the U.S. Postal Service has Java-based, interactive forms that are used by their bulk mailers.
These scripts that carry out these actions may be written in ActiveX, Java, Perl/CGI or PHP. These are all scripting languages designed to increase the functionality and interactive nature of the Internet. If your Internet browser is out of date or you have changed the script settings, you may get messages saying something to the effect that your ActiveX settings (or Java settings) do not permit this page to display properly. Shutting off the running of all ActiveX/Java scripts would change your web surfing experience. Many Macromedia Flash plug-ins and other plug-ins are based on scripting. So scripts have become an important part of the design of every web page.
So what does this have to do with e-mail? There is an increasing use of the HTML format for e-mail letters. They can be much more interesting to read than plain old text messages. For example, Fred Langa sends his newsletter out in both text and HTML formats. The HTML format has colored text and links that allow you to jump back and forth through the newsletter. It also allows the use of links to web sites where additional information can be found. Other newsletters such as those from C-Net, PC Magazine, Geneology.com and many others, contain embedded graphics and HTML formatting which makes the newsletter more closely resemble printed brochures and advertising. It's all part of the marketing process that attempts to increase reader interest and snag new readers. So, in essence, the HTML email letter is really just another web page. And, if it is a web page it can contain web bugs!
The Register, an IT publication in the U.K., recently published an article on newsletter bugs that was reprinted from the site Out-law.com. Out-law.com is part of Masons, a law firm based in London with offices in Brussels, Hong Kong, the People's Republic of China, Singapore, Dublin and throughout the UK.
Masons paid a European security organization, iomart, to make a study of Spam. Iomart determined that if you opened all of your Spam e-mail before discarding it, you could double the number of Spam letters you received within two weeks. In their testing, the Spam sent to their addresses increased from hundreds to thousands within a few weeks. However, if you never opened or replied to any Spam, the number of letters would decrease. Opening the letter included viewing it in the preview pane of Outlook/Outlook Express. Further, they found that 83% of the spam they received were HTML e-mails with hidden tracking codes that notified the spammers as soon the messages were opened. These covert-tracking codes allowed the senders to record and log recipients' e-mail addresses as soon as they, the recipient, opened or previewed the message.
When iomart removed the tracking codes as the e-mail was downloaded, they subsequently noted a reduction in the number of spam e-mails they received. Their conclusion was that the spammers responded to these tracking codes by expanding the variety of spam being sent to the e-mail addresses that were now known to be valid. Two points: the addresses had been validated and the person(s) at those addresses were reading the spam.
Spam, the senders insist is a form of bulk mail advertising. It is well known in the bulk mail industry that you expect only a small return on any mailing, usually in the range of 1-2%. Therefore the greater the number of letters mailed, the better the return. With the e-mail tracking codes they can now improve the targeting of their e-mail sendings. And, as has been stated in the Spam hearings held by the FTC in Washington, D.C., people do make purchases from unsolicited e-mail or Spam.
There are web sites which contain information to assist people in setting up tracking bugs. The following was excerpted from one such web site: "Embedding tracking codes, invisible counters... Cookies, spywares, etc. into HTML email messages to monitor and track recipients click through rate, email client, browser, country, etc. - is a popular method used by many e-mailers-usually without the recipient consent."
"How to embed your HTML email with tracker code?""The first step is to sign-up for a few free counter tracker (see below listings of free tracker and counters). Different tracker for tracking different email message, you can rotate and reuse the same tracker for different weekly newsletter. When you sign-up, you will be given some some kind of tracker script to track visitors by their (bottom of this page) for example: PHP scripts, JavaScript or CGI/Perl." (I added the emphasis in Italics on the free tracker information. It's also obvious that someone who is not a native English speaker wrote the text.)
This web site listed fourteen web addresses where free tracker programs could be found. It also listed sites where free scripts written in Java, Perl and CGI could be downloaded. This web site included one such script.
How did I find this site? Simple. A Google search on "web bugs" brought up thousands of sites, but this one was the second or third in the list. It was also the most blatant in its abbreviated description of its offerings. There were many other, similar sites designed to help you include trackers in your bulk mailing.
So how do you defend yourself against these e-mail-tracking bugs? First, don't open any mail where you don't know the sender. Most Spam can be identified by the subject matter, the sender or the lack of a specific recipient address. Another way to handle Spam is to never read your e-mail while you are on-line. If you are off-line and open a Spam letter with a tracker, it can't send out its information. This option is a good alternative for users who have a dial-up connection. Unfortunately, cable and DSL users have to turn off their modem to disconnect from the web. A better alternative, if you use Outlook or Outlook Express, is to select the option to "read all messages in plain text". This may garble some HTML messages, but it will prevent the script from being activated. At the very least, you should de-select the option in Layout that shows messages in the preview pane.
Now that you know the spammers are using these bugs to verify your address, it's up to you to take preventive action. Doing so could significantly reduce your daily Spam load.
*Dr. Lewis is a former university & medical school professor. He has been working with personal computers for more than thirty years. He can be reached via e-mail at bwsail@yahoo.com or voice mail at 941/925-3047. :
Copyright 2003. This article is from the June 2003 issue of the Sarasota PC Monitor, the official monthly publication of the Sarasota Personal Computer Users Group, Inc., P.O. Box 15889, Sarasota, FL 34277-1889. Permission to reprint is granted only to other non-profit computer user groups, provided proper credit is given to the author and our publication. We would appreciate receiving a copy of the publication the reprint appears in, please send to above address, Attn: Editor. For further information about our group, email: admin@spcug.org/ Web: http://www.spcug.org/The Sarasota Personal Computer Users Group, Inc. has 1,100+ members and was established in 1982. We are members of the Assoc. of PC User Groups (APCUG), the Florida Assoc. of PC Users Groups, Inc., and we are members of the America Online Ambassador Program.
See http://www.spcug.org for all reviews from the Sarasota PC Monitor, go to the Newsletter Section.