A danger that's greater than the danger of frequent toolbar checksum updates that keep you all busy with new code, is the danger that anything grabbing PageRank except from the official toolbar is likely to leave fingerprints at the Googleplex. With Google's habit of saving everything, this could contribute to a database of suspected spammers.
For example, the GPRM, v.1.1, a desktop Windows PageRank grabber, sends a user-agent of "IE5.vbx" to Google when it fetches PageRank from my box. This is a fingerprint that probably comes from some DLL on my Windows box, and the coder might not even have access to this, assuming that the DLL has to be used for contacting
www.google.com.
It's also easy to compile a console program and run it under DOS32, and have it use curl or wget. You can set your own user-agent that way. But then the temptation is to use a batch file. Any IP address coming into Google that grabs PageRank faster than someone can key the domains into the toolbar is automatically suspicious.
There are a number of sites that grab PageRank for you. Certainly Google knows the IP addresses or handshaking characteristics of these sites by now.
Once you identify a PageRank grab as a grab that originated from outside the toolbar, then you save the domains requested in a separate database. Sort the domains by how many times per week they were requested, and you have a pretty nice list of who the SEO spammers might be. Assign some temp help to check them out manually, one by one, and see if any dubious techniques might be used. Ban them.