Spam Junk Email Images

People have been asking us why they get images in their spam and junk emails. They’re obviously garbage and yet so much effort has been used to generate them. We’ll try to answer this question…

Most junk and spam email images are not actually attached, but rather embedded in the source code of the email itself. The image therefore bypasses the spam and junk image blocks, which normally prevent the display of email images automatically. The reason to prevent them from displaying is often referred to as invisible GIF Image tracking.

Invisible GIF tracking utilizes a single-pixel GIF image file set to be transparent and thus invisible. Also known as a Transparent GIF, 1-by-1 GIF or Clear GIF, it is used as a tracking tool for web pages to monitor a user’s activity, as well as email activity.

If an email message contains a Transparent GIf file reference, it must contact the defined web server to retrieve the data. When your email program connects tothe sweb server, the server knows your IP Address right away. The file path reference likely contains a query string that contains your email address, which is handed to the web server. The web server then tags your email address as having been viewed. They know what IP address viewed what email on what date using which operating system and so on… In fact, the trcking continues to see if you forward the email to another machine, if you view the same email more than once, and if you click the link in the email there is more data.

Once you click a link in the email, the web server will know how long it took for you to view your email after it was sent. It knows how long it took for you to land on the website after viewing the email, and can track repeat email views, clicks and web page views. The web server likely tracks your activity in the website to assemble a profile on your email address, so the next campaign can be more effective, by sending marketing defined by your growing profile.

Don’t think for a moment that you are receiving emails from separate companies. There will be chains of emails coming from many companies, but tracked together, building a bigger and stronger profile on your email address.

Now, email programs can block these images from displaying, so as to avoid Transparent GIF data tracking.  Embedding the image data inside the email message bypasses the image blocking filter, and thus displays inside your message. There are two main reasons to do this. The first is obvious, as companies want to make sure you see their marketing pitch, even if it’s quite poorly done. The second is messaging obfuscation.

Have you ever received an email that was almost silly, but at the bottom there was a paragraph of words that seemed unrelated to the message, and made no sense as a paragraph? That was an encrypted message intended for a small group f people, or an individual. Let’s assume the real recipient is a terrorist in the US who needs to communicate with the outside (a terrorist country). He needs to receive updates, but the US would want to track who he is and follow the email to him. What to do?

The sender of the email therfore sends the mail to a few million people or more, so knowing who the email was really for is near impossible. The data is embedded in the email, so there is no web server connection to track. Most of us see a garbage email and just delete it, without reporting it. Those blocks of random words seemed out of place, so why not make it less evident.

Images can contain more than just pixel data. They can contains meta information that is related to the camera type, camera settings, date, etc. The creator places encrypted information in the non-image segment of the image code. It’s an old trick that’s been used for many years, but most people just see a useless image in a spam mail and throw it out. even the intended recipient appears to only have a common junk message in their email, so they blend in with the rest of us. The difference is the individuals wh know to decipher the message.

A point to recognize is a common question you may have asked yourself.  “Why do theys end me an email that I cannot reply to, for which the content is useless and uninteresting, and the included website doesn’t exist?” The answer is above.. the email was not intended to create traffic flow or sell products, it was created as a vehicle for encrypted messaging.

Yes, PHP Programing & MySQL Databases can be employed for such systems with nefarious tactics. However, Transparent GIF systems can also be used for valid and decent purposes. Businesses want to know if their recipients receive their emails and view their Online campaigns. You can tell if the company is valid by verifying their web address, watching for repeat emails, and of course, deciding if you trust the creator of the emails. I like to let Dell see my click through to their website, as I trust them and I want more discount coupon emails to be sent to me. The more you buy and visit their website, the more goodies they’ll send you to entice more sales. If it’s Bob & Joe’s Crab Shack offering free Gumbo, it will go no further.

Leave a Reply