Are You Being Tracked?

There’s more to spam than just banging out a million emails a day. If at all possible you want those emails to go to addresses that are active so people will see your spam. Because of this, spammers, like any other marketers, want to know if anybody looks at their “ads”.

Not all spammers keep clean lists but if your address cannot be identified as active, it will most likely be dropped by the ones that do. And, the less your address is circulated by spammers, the less spam you’ll get.

The two most popular techniques for tracking spam campaigns are:

  1. Tracking Links
  2. Tracking Images

Both can be avoided with minimal effort.

Tracking Links

If you check out what the “Free Porn” link in the spam you just got actually refers to you’ll often see something like this:

  • http://www.spamexample.com/a/b/d7resusWafeMAqUP

or this:

  • http://www.spamexample.com/x/y/index.php?ID=d7resusWafeMAqUP

The main thing to notice in the examples above is the group of random characters which serves as a unique identifier for the address the message was sent to. When the spam messages are generated each one gets an ID that will be stored in a database along with the email address it was sent to. By monitoring the web server logs at spamexample.com the spammer can tell which addresses clicks came from.

The simplest way to avoid being tracked by links in email messages is just not clicking them. (BTW this applies to so-called legitimate advertising as well.) If you don’t click the link, no request will be sent to the spammer’s web server and they won’t know you saw the email.

Tracking Images

A trickier way of tracking messages is by including links to images in the message HTML. When presented with an image link, some email clients will automatically request a copy of the image from the server where it resides. Using the same random identifier trick mentioned above with the image link the spammer can tell you opened the message as soon as you download the image. The really sneaky part is that you won’t usually know you downloaded the image.

Newer email clients will, by default, wait for your approval before retrieving remote images and will usually say something like “For your protection images in this message were not downloaded.” This prevents the email message from automatically identifying your address for the spammer. If your client is doing this you have nothing to worry about as long as you’re not telling the client that you want to see the images. If you are asking the client to get the images you’re asking to be tracked.

If you have an email client that downloads all images by default you’ll need to look for the setting that tells it not to. If your client does not allow you to disable image downloading you should use a different client. Unfortunately, detailed instructions for this are beyond the scope of this post. If you can’t figure it out, try to enlist your neighborhood geek:)

Summary

Avoid being tracked by spammers by resisting the urge to click on their links and make sure your email client asks you before downloading images.

- -

OnlyMyEmail is an award winning hosted spam filtering service and business email hosting provider. Our enterprise cloud computing anti-spam solution, the MX-Defender, has the highest capture rate of any spam filter ever tested in the VBSpam Challenge, blocking a record setting 99.9993% of all malicious and junk email.

Our Personal spam filtering system is also a Software as a Service (SaaS) solution and has won both the PC World "World Class Award" and also the PC Magazine "Editor's Choice Award."

OME-Kids is a webmail solution that protects children from spam and other harmful emails. OME-Kids offers unique Parental Controls that allow you to choose the level of security and oversight that's right for your child.

Comments are closed.