The beauty of the internet is the hyperlink. All objects in the cyberspace are essential represented by a link or URL. Obviously, this includes malicious code. Delivering an email to a user with a link to a website hosting malicious code is the first step in most attack.
How you can verify a link is safe to visit before visiting it? There is a high risk of inflecting malware or virus if you visit every suspicious link. Fortunately, UC Santa Barbara student created a project to verify the suspicious URLs by actually visiting the destination. They even follow the redirect command and visit the deep links. Â The project is
However, there is one possibility that since Wepawet is hosted with a fixed IP address, the attacker could return harmless content if they detect the source IP address is the same as Wepawet address. When using this tool, it is better that you use a public accessible proxy.
Twitter has in I think two years ago implemented security verification of URL before publishing. Sina Weibo is also doing the same. We need all web sites that take in public contents to in fact do the same. When they are publishing URLs, it is also important that they do verify the security of any external links before publishing. AV providers like F-Secure also offer a free URL security checking service at: http://browsingprotection.f-secure.com/swp/.