Spammers 'using bugs' to find active e-mail addresses

Just opening a piece of spam can be enough to turn your e-mail address into a spam magnet. Many spammers are including illicit code in their unsolicited mail to help them detect active e-mail addresses, a security firm warned last Tuesday.

Just opening a piece of spam can be enough to turn your e-mail address into a spam magnet.

Many spammers are including illicit code in their unsolicited mail to help them detect active e-mail addresses, a security firm warned last Tuesday.

MX Logic claimed that nearly 50 percent of spam sent over the last 12 months included a 'spam beacon' -- a piece of HTML code embedded in the e-mail that detects when an e-mail is opened, or even just previewed.

This information is then relayed back to the spammer, telling them that certain e-mail addresses are in use. Similar techniques are also used by marketing companies to track behaviour and detect the response rate to targeted emails.

Web users have long been advised to ignore spam, rather than replying to it, so as not to attract more attention from spammers. According to MX Logic, though, just looking at the junk mail is all it takes.

"Millions of users are unaware that spammers have the ability to track when they view and open their e-mail," said Scott Chasin, MX Logic's chief technology officer.

"While Web bugs are not a new phenomenon to the Internet, this new data shows that nearly one out of two spam messages now contain these beacons. This reinforces the fact that spammers are using increasingly deceptive tools to invade end users' privacy and harvest valid e-mail addresses."

Back in February 2003, UK law firm Masons warned that spammers were breaking the law by including these secret tracking codes in their messages.

MX Logic's spam filtering technology has been watching out for such bugs since March 2003.