Skip to main content

Is freshdesk.com a Scam? Security Check Results - Freshworks Inc. Reviews

freshdesk.com favicon

Is freshdesk.com Safe? Security Analysis for Freshworks Inc.

https://freshdesk.com

Check if freshdesk.com is a scam or legitimate. Free security scan and reviews.

TechnologyN/aenterprise
React (Next.js)Material UIGoogle Tag ManagerWistia video embedsOneTrust cookie consent+1 more
Analyzed 9/4/2025Completed 11:36:10 PM
77
Security Score
LOW RISK

AI Summary

Freshworks Inc. operates Freshdesk, an advanced AI-powered customer service platform designed to unify multiple communication channels and enhance agent productivity through automation and intelligent assistance. Positioned as a leading SaaS provider in the customer service technology sector, Freshdesk serves over 73,000 businesses worldwide, offering a comprehensive suite of tools including email AI agents, conversational AI, omnichannel support, and analytics. The website demonstrates a high level of digital maturity, leveraging modern frameworks such as Next.js and React, and integrating marketing and analytics tools like Google Tag Manager and Optimizely. Privacy and cookie policies are clearly presented with consent mechanisms, reflecting good compliance practices. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response contacts are not prominently disclosed. The absence of WHOIS data is notable but does not detract significantly from the overall legitimacy given the professional presentation and extensive trust signals. Strategic recommendations include enhancing transparency around security policies and incident response, and publishing vulnerability disclosure information to further strengthen trust and compliance.

Detected Technologies

React (Next.js)Material UIGoogle Tag ManagerWistia video embedsOneTrust cookie consentOptimizely

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

Freshworks holds a strong market position as a provider of AI-driven customer service solutions, targeting businesses seeking to modernize and automate their support operations. Their SaaS business model focuses on subscription revenue streams, supported by a broad ecosystem of integrations and a large customer base. The company emphasizes innovation through Freddy AI, combining automation with human agent assistance to improve efficiency and customer satisfaction. Recognitions from G2 and TrustRadius, along with extensive customer testimonials, reinforce their credibility. The website's multilingual support and global reach indicate a strategic focus on international markets. The partnership ecosystem includes integrations with widely used business applications, enhancing Freshdesk's value proposition. Overall, Freshworks demonstrates a well-structured approach to growth and customer engagement in the competitive customer service technology landscape.

Extracted Contact Information

Marketing Intelligence Data

Email Addresses (2)

s*****@freshworks.comCompanyAbout
s*****@freshworks.com

Security Posture Analysis

Comprehensive Security Assessment

The website exhibits a mature security posture with HTTPS enforced and multiple security headers implemented, reducing common web vulnerabilities. No exposed sensitive data or vulnerable libraries were detected in the HTML content. However, the lack of publicly available security policies, incident response contacts, or vulnerability disclosure mechanisms represents a gap in transparency and readiness communication. The use of third-party scripts such as Google Tag Manager and Optimizely necessitates ongoing monitoring for potential supply chain risks. Privacy compliance is well addressed with clear privacy and cookie policies and consent management. To elevate security maturity, Freshworks should consider publishing detailed security policies, incident response procedures, and a security.txt file to facilitate responsible vulnerability reporting and enhance stakeholder trust.

Strategic Recommendations

Priority Actions for Security Improvement

1

Publish a dedicated security policy page detailing security controls and practices.

Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company:

Freshworks Inc.

Description:

Freshdesk is an AI-powered customer service solution that’s easy to set up, simple to use, and built to boost agent productivity and deliver seamless customer experiences.

Key Services:
AI-powered customer service platformEmail AI agentsConversational AI agentsOmnichannel supportAdvanced workflowsAnalytics and insightsIntegrations with business apps
Content Quality:

excellent

Branding:

consistent

Technical Stack

Technologies:
React (Next.js)Material UIGoogle Tag ManagerWistia video embedsOneTrust cookie consentOptimizely
Frameworks:
Next.jsReact
Performance:

moderate

Mobile:

excellent

Accessibility:

good

SEO:

good

Security Assessment

Security Score:
90/100
Best Practices:
  • HTTPS enforced
  • Use of security headers
  • No exposed sensitive data in HTML
  • Secure forms with proper labeling

Analytics & Tracking

Services:
Google Tag ManagerOptimizely
Tracking Level:moderate
Privacy Compliance:good

Advertising & Marketing

Ad Networks:
LinkedIn Ads
Tracking Pixels:
LinkedIn Insight TagOptimizely
Marketing Tools:
OptimizelyOneTrust
Transparency Level:good

Website Quality Assessment

Design Quality:excellent
User Experience:excellent
Content Relevance:excellent
Navigation Clarity:excellent
Professionalism:excellent
Trustworthiness:high

Key Observations

1

Website is fully accessible with rich content and multimedia

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

65/100
Score

Weak X-Frame-Options configuration

LOW

Current value: "allow-from https://www.freshworks.com"

Missing X-XSS-Protection header

MEDIUM

Legacy XSS protection (deprecated but still recommended)

Missing Referrer-Policy header

LOW

Controls referrer information sent with requests

Missing Permissions-Policy header

MEDIUM

Controls browser features and APIs

Sensitive data may be cached

LOW

Cache-Control header should include "no-store" for sensitive pages

👤GDPR Compliance

Privacy and data protection assessment under GDPR regulations.

GDPR Compliance

Privacy and data protection assessment

85/100
Score

No Cookie Consent Banner found

HIGH

GDPR requires explicit consent for non-essential cookies

GDPR Compliance Analysis

Privacy Policy85% confidence
Cookie Policy85% confidence
Contact Information Found90% confidence
emailphone

🛡️NIS2 Compliance

Network & Information Security Directive compliance assessment.

NIS2 Compliance

Network & Information Security Directive

17/100
Score

No information security framework found

HIGH

NIS2 requires documented cybersecurity and information security measures

No vulnerability disclosure policy

MEDIUM

NIS2 encourages coordinated vulnerability disclosure

No security policy documentation found

HIGH

NIS2 requires documented cybersecurity governance and risk management

No incident response procedures found

HIGH

NIS2 requires documented incident response and business continuity plans

No business continuity planning found

MEDIUM

NIS2 emphasizes operational resilience and business continuity

No security contact information

HIGH

NIS2 requires clear incident reporting channels

No vulnerability reporting mechanism

MEDIUM

Clear vulnerability reporting supports coordinated disclosure

No NIS2 reference found

LOW

Consider explicitly mentioning NIS2 compliance efforts

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

95/100
Score

Complex SPF record

LOW

Too many include statements can cause lookup limits

SPF
Sender Policy Framework
DKIM
DomainKeys Identified Mail
DMARC
Domain-based Message Authentication
MX Records
Mail Exchange Records
BIMI
Brand Indicators
MTA-STS
Mail Transfer Agent Security
TLS-RPT
TLS Reporting
DNSSEC
DNS Security
SPF Details
Record:
v=spf1 include:_spf.google.com include:sendgrid.net include:_spf.salesforce.com include:_spf.psm.knowbe4.com include:mktomail.com ip4:13.126.240.50/32 ip4:13.126.94.72/32 ip4:13.126.102.198/32 ip4:159.65.239.157 ip4:20.189.177.144/28 ip4:23.101.193.21/32 ip4:91.102.14.0/26 ip4:194.29.227.64/26 ip4:91.102.8.32/27 ~all
DNS Lookups:5/10
Policy:~all
DKIM Selectors Found
Selector:email(1416-bit rsa)
Selector:s1(1440-bit rsa)
DMARC Details
Policy:quarantine
Aggregate Reports:dmarc-fd-reports@freshworks.com
Forensic Reports:dmarc-fd-reports@freshworks.com
MTA-STS Details

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

82/100
Score

Weak Protocols Supported

HIGH

Server supports weak protocols: TLSv1.1

Certificate Transparency Not Implemented

LOW

Certificate is not logged in Certificate Transparency logs

Partial SSL/TLS Assessment

LOW

Completed 3 of 4 security checks due to time constraints

Protocol Support

TLSv1.3TLSv1.2TLSv1.1

OCSP Status

OCSP Stapling Enabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

85/100
Score

DNSSEC Not Enabled

MEDIUM

DNSSEC is not configured for this domain

CAA Records Not Configured

LOW

Certificate Authority Authorization (CAA) records not found

DNS Records

A Records:18.165.140.84, 18.165.140.123, 18.165.140.53, 18.165.140.37
Name Servers:
ns-1058.awsdns-04.orgDNS only
ns-1937.awsdns-50.co.ukDNS only
ns-360.awsdns-45.comDNS only
ns-564.awsdns-06.netDNS only
MX Records:
10: aspmx3.googlemail.com
10: aspmx2.googlemail.com
5: alt1.aspmx.l.google.com
1: aspmx.l.google.com
5: alt2.aspmx.l.google.com
SOA:Serial: 1, TTL: 86400s

DNSSEC Status

DNSSEC Not Enabled

DNS Performance

Resolution Time:64ms

SPF Analysis

SPF Record:
v=spf1 include:_spf.google.com include:sendgrid.net include:_spf.salesforce.com include:_spf.psm.knowbe4.com include:mktomail.com ip4:13.126.240.50/32 ip4:13.126.94.72/32 ip4:13.126.102.198/32 ip4:159.65.239.157 ip4:20.189.177.144/28 ip4:23.101.193.21/32 ip4:91.102.14.0/26 ip4:194.29.227.64/26 ip4:91.102.8.32/27 ~all

Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

100/100
Score

Good Network Security Posture

LOW

No unnecessary services detected on common risky ports

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

Freshworks employs a modern technical infrastructure based on React and Next.js frameworks, ensuring a responsive and performant user experience. The site integrates advanced multimedia content such as Wistia-hosted videos and uses Material UI for consistent design. Analytics and marketing tools like Google Tag Manager, Optimizely, and OneTrust are integrated for data-driven optimization and compliance. The website demonstrates good mobile optimization and accessibility features, contributing to a positive user experience. Performance is moderate, with potential for further optimization in media loading and script management. The absence of a detected CMS suggests a custom or headless architecture, which aligns with modern SaaS platform practices. Overall, the technical implementation supports Freshworks' business goals effectively while maintaining scalability and user engagement.
Analyze Another Website