What they are
How they are used
Advertisers may put HTML code calling a web bug alongside the URL leading to the product displayed in an ad. The web bug sends your IP address back to the advertiser, which means that this advertiser can recognize you on any site that it serves ads on. This is often used alongside cookies, or indeed may be what sets the cookie. By examining the cookie, the advertiser that set it can recognize you across any site that it has ads on.
A favored trick of spammers is to send out emails at random with the code to call a web bug from their web server. When the people who are spammed open the email, their email client will connect to the internet to download the graphic. The email address is sent to the server, which logs it. This log is used by the spammer to find active addresses to send more spam too. Never, ever open obvious spam while online, and questionable emails should be opened while offline for this very reason.
Go to this web site for a demonstration of this. Please note that we are not affiliated with the following site. Questions about this test should be directed to the webmaster and/or owners of that site.
What does a web bug look like?
They don't look like anything. That's the point.
See any graphics between these two arrows? ---> <--- There's a web bug right there; a one pixel by one pixel transparent gif graphic that's impossible to see.
Here it is again, this time with a border around it. ---> <---