Tracking Code in Spam
Looks like the spam folks are as worried about "hits" as any other person with an internet presence.
The below chunk of code was found in a spam message that was trapped on our web site. The unique thing about it was the tracking code that was embedded in the script to see if it got any hits or not.
rxppafs-9p924ie-tw6q063c-1 (<)script var r = document.referrer; document.
write(‘ script src=http://www.stats-log.com/gb.php?id=g&r=’+escape(r)+’ (>)(<)’ + ‘/script>’))
I modified the script to make it inert so that it would not trigger, added () around components to make sure that it would not trigger and keep the original intent of the script source code.
The script makes for an interesting way to determine the value of the web sites that the script is triggered from. Sites that give more referrer codes are going to most likely be the ones that get more spam messages than those that do not trigger any hits. The code is a great way to figure out what is working, and where it is working from.
This is also the first time that we have seen tracking code embedded in a spam message so that the spammer can figure out the number of hits, or the quality of the hits and who is not watching their forums or comments on blogs.
Its actually quite clever, and as we spun through the rest of the links, selling poker, drugs, and other links, the rest of the spam message was the standard stuff that we would expect to see with nothing special there.
Cool stuff, and interested in seeing if this is going to be something that shows up in more spam messages, or if this is just a spammer who is interested in seeing what sites trigger and which sites do not. Even more interesting is a spammer interested in quality control and determining which are the better targets to go after. If we have to have targeted spam, then this spammer is working their way into making a great database of sites that do not monitor or delete comments that can be considered spam.