Facebook spam (erroneously called scams) has been making headlines recently…

And with all the attention on "virally spreading" links, we wondered, just how effective is it? What's the conversion rate? Links spread virally — but so what? That's only one step in the process. How many people actually fill out the CPA surveys that make the money?

Here's one recent example of spam attempting to use English football player Peter Crouch as bait.

Honestly, how many times have you won free stuff by clicking on links? And no… those spam, trojan, and spyware do not count as free stuff.

We recently found a scam that promises a free iPad to application testers. Apparently, the site lures the person into joining an iPad application testing program while the site owner makes profit from SMS fee charges and affiliation programs. To enroll in the program, "testers" are required to complete two steps.

At this point, you've probably read there are vulnerabilities in Apple's iOS that allow drive-by jailbreaks. And you also know that those vulnerabilities can be used for other drive-by exploits such as malicious attacks.

Here's the bad news: several additional malware families are now attempting to exploit Microsoft's LNK vulnerability (2286198).

But here's the good news: so far, the new exploit samples are detected by us, and by many other vendors. Basically we're seeing new payloads using the same basic exploit method, which is being detected generically, and not new versions of the exploit.

An SMS scam syndicate has been busted with the arrest of 26 people according to Malaysia's The Star Online.

Our Malaysian lab did some investigation on this topic back in 2007 and managed to record a conversation with one of the phishers.

F-Secure Labs is launching a new feature in Browsing Protection today.

Web security has become increasingly important over the last few years and we've already developed various protection mechanisms to keep our customers safe against exploits, phishing attacks, and drive-by-downloads. However, there's still more we can do against one of the most sinister of attacks.

Monday's post regarding the Merogo SMS worm noted its use of signed installation files and that the Symbian Foundation promptly revoked the publisher ID that was used.

So, the worm's files were signed but the certification has been revoked. Problem solved, right?

Unfortunately, not quite yet. One more step is required. Typically, S60 phones aren't configured to check for certification revocation by default.

We're investigating a series of SMS Worms, found in the wild in China. Known as Trojan:SymbOS/MerogoSMS, these worms try to spread on Symbian Series 60 3rd Edition devices. Symbian continues to be by far the most common smartphone operating system in the world.

Why is it that banking trojans are a problem when all online banks are HTTPS secured and many of them employ multi-factor authentication?

The answer: Humans are not digital.

We have located the first iPhone worm, dubbed as Ikee. It's currently spreading in the wild, but it's only able to infect devices that have been "jailbroken" by their owners. Jailbreaking removes iPhone's protection mechanisms, allowing users to run any software they want.

Affected users will find that their iPhone wallpaper has been altered to a picture of Rick Astley (of Rickroll fame) and the message "ikee is never going to give you up".