Wednesday, 5 December 2007

What is a Webbug?

By embedding a small (1x1) image into a page (the image being not noticeable) the site can make a call to another site (i.e. that of gator or another spam merchant).

This call to download the 1 byte image will set a cookie header. So the site sets a cookie that has an open domain. As you visit other sites (that may also have web bugs – and Google sells space for these) the cookie will be used to collect info on your surfing habits (referrer lines etc)
So the web bug with the cookie may be used to formulate info on what you do.

Every time that you go to a page with a Web bug, you create a log at the advertising firm. You make a call to their server to download the image and they will record the REFERER information.

Not all Web Bugs are small and insidious. In fact any graphics on a Web page that is used for monitoring purposes can be considered a Web Bug. Advertising companies have a preference to use the more sterile term "clear GIF" and are also known as "1-by-1 GIFs" and "invisible GIFs".

A Web Bug provides the site with the following information
  • The IP address of the host system that obtained (viewed) the Web Bug
  • The URL of the page that the Web Bug is located in
  • The URL of the Web Bug image
  • The time the Web Bug was viewed (downloaded)
  • The browser variety (eg. Mozilla, IE) used to get the Web Bug image
  • Any cookie values that where previously set in the browser
Web Bugs in Email
  1. A Web Bug can be used to find out if a particular Email message has been read by someone and if so, when the message was read.
  2. A Web Bug can provide the IP address of the recipient if the recipient is attempt to remain anonymous.
  3. Within an organization, A Web Bug can give an idea how often a message is being forwarded and read.

Web Bugs and SPAM

SPAM companies will often utilise Web Bugs. They do this for the following reasons:

  1. To quantify the number of people who have viewed the same Email message in an advertising campaign.
  2. To detect whether the SPAM message has been is viewed or not. This can provide the advertiser with a far more accurate statistic then simply collecting “read receipts”. Email addresses that are not recorded as having viewed a message are removed from the list for future mailings.
  3. To synchronize a Web browser cookie to a particular Email address. This method allows a Web site to validate the identity of people who come to the site by correlating the cookies on the system from the email and the web browser.

No comments: