Despite having captchas and per user send limits on my site, Nigerians were submitting tons of forms through my site a while back trying to trick users with the same scams that are popular on Craigslist. They know to clear their cookies, etc. Adding Evercookie cut down on the number of spam messages considerably just by keeping a count of the number of messages sent from a particular computer and blocking messages after more than a certain number per day.
Perhaps most satisfying, I implemented it so the message appeared to have been sent successfully even when it was blocked. So there are Nigerians happily working away all day "sending" message on my site still thinking it is working. I sometimes get hundreds of blocked message notifications per day.
That's what I did when we marked an account as obvious spam. Usually that was when an account was created and the same or next day sent 1000+ messages to random other users. Basically the person using the account would think the messages got sent but really they usually hit either a keyword/bayes moderation or a similarity throttle and the messages were put into a moderation queue rather than delivered immediately. Once the moderator picks "obvious spam", for that account the site gets buggier and buggier for 30 days until the account gets completely shut down and the person can't log in with it anymore. I did that for 30 days because I didn't want to warn them their account had been flagged and just have them create a new one.
Basically it's a spammer tarpit.
"Storing cookies in RGB values of auto-generated, force-cached PNGs using HTML5 Canvas tag to read pixels (cookies) back out"
Still, there are some interesting ideas for places to hide trackers. I wonder which parts actually survive (as wiki suggests that something does) after doing a full "clear browsing data" on something like Chrome (which comes with a super helpful link to clear Flash cookies).
Edit: that, and it tries to use silverlight to store some silverlight based cookies, and people would just get big "Install Silverlight!" button/adverts coming up.
I wish I was kidding.
Back when things were a little less heated (aka a couple of years ago), some companies did use a combination of cookies and Local Shared Objects in order to provide redundancy - information deleted from one was later restored by the other. Those companies have almost certainly stopped.
Not that it indicates any wrongdoing, because there's a class-action lawsuit for everything remotely advertising-related, but there's been a ton of class-action lawsuits in the Flash cookie space. I believe the ones involving actively rewriting deleted information have largely been settled, and now it's mostly lawyers trolling companies for the use of Flash cookies to store any type of information more complicated than a volume setting.
For a recent example, search for Del Vecchio vs Amazon.