Is WEB.DE MailCheck for Firefox safe to use?

WEB.DE MailCheck for Firefox has a security risk score of 100/100 (CRITICAL risk). Our security analysis detected 183 findings. Review the detailed security assessment below to understand the specific risks before installation.

What are the security risks of WEB.DE MailCheck for Firefox?

Based on our automated security analysis, WEB.DE MailCheck for Firefox presents critical risk level. The extension is analyzed for malware patterns, secret exposure, network communications, permissions, and supply chain vulnerabilities.

How is the security score calculated?

Risky Plugins calculates security scores using weighted categories: severity of findings (25 points max), malware detections (35 points), secret exposure (28 points), network communications (10 points), and obfuscation (10 points). Scores range from 0-100, with higher scores indicating greater risk.

What does CRITICAL, HIGH, MEDIUM, LOW, MINIMAL risk mean?

CRITICAL (80-100): Severe security issues like malware. HIGH (60-79): Significant vulnerabilities. MEDIUM (40-59): Moderate security concerns. LOW (20-39): Minor issues. MINIMAL (0-19): Very low risk. Always review findings before installing any extension.

Is "WEB.DE MailCheck for Firefox" on Firefox Add-ons Safe to Install?

Name: WEB.DE MailCheck for Firefox
Availability: InStock
Rating: 3.0394 (127 reviews)
Author: 1&1 Mail & Media GmbH

1&1 Mail & Media GmbH · firefox · v8.0.18

E-Mail notification in the browser and on the desktop Read and write your emails with only one click Access to all your email accounts in only one tool (e.g. WEB.DE , GMX , 1&1 , mail.com and many more) Encrypted SSL connection and password protection with highest security standards Optional: Access your emails via mail icon on start page

Risk Assessment

Analyzed

100

out of 100

CRITICAL

183 security findings detected across all analyzers

Firefox extension requesting 37 permissions

Severity Breakdown

Critical

High

Medium

Low

Info

Finding Categories

Malware Signatures

Obfuscation

Network

YARA Rules Matched

14 rules(90 hits)

credential env files postinstall network communication postinstall system command postinstall file manipulation postinstall obfuscation postinstall registry modification NoUseWeakRandom postinstall crypto operations postinstall file download postinstall persistence mechanism OriginsNotVerified LocalStorageShouldNotBeUsed postinstall environment access UntrustedContentShouldNotBeIncluded

Requested Permissions

37 permissions

management

Manage other installed extensions

Dangerous

<all_urls>

Access and modify data on every website you visit

Dangerous

identity

Access your identity and sign-in tokens

High

activeTab

Medium

tabs

Medium

storage

Low

notifications

Low

contextMenus

Low

https://*.web.de/*

Low

https://*.gmx.net/*

Low

https://*.gmx.de/*

Low

https://*.gmx.ch/*

Low

https://*.gmx.at/*

Low

https://*.gmx.com/*

Low

https://*.mail.com/*

Low

https://*.1und1.de/*

Low

https://*.1and1.com/*

Low

https://suche.web.de/*

Low

https://dl.web.de/backend/post.html

Low

https://dl.gmx.net/backend/post.html

Low

https://dl.gmx.com/backend/post.html

Low

https://dl.mail.com/backend/post.html

Low

https://dl.1und1.de/backend/post.html

Low

https://www.adsensecustomsearchads.com/afs/ads?*

Low

https://www.adsensecustomsearchads.com/afs/ads/*

Low

https://1und1.de/login/oauth2/*

Low

https://www.1und1.de/login/oauth2/*

Low

https://gmx.net/login/oauth2/*

Low

https://www.gmx.net/login/oauth2/*

Low

https://gmx.com/login/oauth2/*

Low

https://www.gmx.com/login/oauth2/*

Low

https://mail.com/login/oauth2/*

Low

https://www.mail.com/login/oauth2/*

Low

https://web.de/login/oauth2/*

Low

https://www.web.de/login/oauth2/*

Low

https://login.live.com/*

Low

About This Extension

<ul><li>E-Mail notification in the browser and on the desktop</li><li>Read and write your emails with only one click</li><li>Access to all your email accounts in only one tool (e.g. <a href="https://prod.outgoing.prod.webservices.mozgcp.net/v1/5cff19bdb0c5a157dcbcf3f3f022cbc4794fa85e6eec5f3aeab7fc39e005f70f/http%3A//WEB.DE" rel="nofollow">WEB.DE</a>, <a href="https://prod.outgoing.prod.webservices.mozgcp.net/v1/4c7bb370b79facbf09837132859273528fde29d215eccd9a0a87480737e1e3ab/http%3A//gmx.net/" rel="nofollow">GMX</a>,<a href="https://prod.outgoing.prod.webservices.mozgcp.net/v1/97a21e25e1265f1a1578520cd11b3ad83ff65d14915e70e89e399f67940b6a26/http%3A//home.1und1.de/" rel="nofollow">1&1</a>, <a href="https://prod.outgoing.prod.webservices.mozgcp.net/v1/6b59bf8b94224a366968d483216df0e725c9c203992ca62f2fd4a4f66ebeeb53/http%3A//mail.com" rel="nofollow">mail.com</a> and many more)</li><li>Encrypted SSL connection and password protection with highest security standards</li><li>Optional: Access your emails via mail icon on start page</li></ul>

Detailed Findings

183 total

YARA Rule Matches

14 rules

Security Analysis Summary

Security Analysis Overview

WEB.DE MailCheck for Firefox is a Firefox Add-ons extension published by 1&1 Mail & Media GmbH. Version 8.0.18 has been analyzed by the Risky Plugins security platform, receiving a risk score of 100/100 (CRITICAL risk) based on 183 security findings.

Risk Assessment

This extension presents critical security risk. Severe issues were detected, potentially including malware indicators, exposed secrets, or dangerous behaviors. Installation is strongly discouraged until these issues are addressed.

Findings Breakdown

High: 90 finding(s)
Medium: 93 finding(s)

What Was Analyzed

The security assessment covers multiple analysis categories:

Malware Detection: YARA rule matching against 2,400+ malware signatures
Secret Detection: Scanning for exposed API keys, tokens, and credentials
Static Analysis: Code-level security analysis for common vulnerability patterns
Network Analysis: Detection of suspicious network communications and endpoints
Obfuscation Detection: Identification of code obfuscation techniques

Developer Information

WEB.DE MailCheck for Firefox is published by 1&1 Mail & Media GmbH on the Firefox Add-ons marketplace. The extension has approximately 22K users.

Recommendation

This extension is not recommended for installation without thorough manual review. Consider alternatives with lower risk scores, or contact the developer to address the identified security concerns.

Source Code Viewer

Source Code Not Available

Source code is not available for this version of the extension.

Frequently Asked Questions

Similar Extensions

Related extensions from the same publisher or marketplace

mail.com MailCheck

1&1 Mail & Media GmbH

CRITICAL 1K users

GMX MailCheck for Firefox

1&1 Mail & Media GmbH

CRITICAL 17K users

GMX MailCheck for Firefox

1&1 Mail & Media GmbH

CRITICAL 18K users

WEB.DE MailCheck for Firefox

1&1 Mail & Media GmbH

CRITICAL 23K users

mail.com MailCheck

Unknown Developer

CRITICAL

mail.com MailCheck

1&1 Mail & Media GmbH

CRITICAL 1K users

Risk Assessment

Severity Breakdown

Finding Categories

YARA Rules Matched

Requested Permissions

About This Extension

Detailed Findings

NET-FETCH-js/aib-cs.js-9187

OBFUSCATION-FUNCTION_INDIRECT-js/aib-cs.js-6717

NET-FETCH-js/background-mailcheck.js-8830

NET-FETCH-js/background-mailcheck.js-9095

NET-FETCH-js/options.js-8647

NET-FETCH-js/options.js-8670

NET-FETCH-js/onboarding-panel.js-5156

OBFUSCATION-FUNCTION_INDIRECT-js/mail-panel.js-5076

NET-FETCH-js/background-mailcheck.js-8421

NET-FETCH-js/background-mailcheck.js-8781

NET-AXIOS-js/aib-cs.js-44454

NET-FETCH-js/background-mailcheck.js-5749

NET-FETCH-js/aib-cs.js-8113

OBFUSCATION-FUNCTION_INDIRECT-js/onboarding-panel.js-5759

NET-FETCH-js/options.js-44176

NET-AXIOS-js/background-mailcheck.js-45463

NET-FETCH-js/background-mailcheck.js-9069

NET-FETCH-js/options.js-8333

OBFUSCATION-FUNCTION_INDIRECT-js/background-mailcheck.js-10864

NET-FETCH-js/options.js-8661

NET-FETCH-js/aib-cs.js-8634

NET-FETCH-js/aib-cs.js-8596

NET-AXIOS-js/options.js-44534

NET-AXIOS-js/options.js-44545

NET-FETCH-js/aib-cs.js-3858

NET-FETCH-js/background-mailcheck.js-8360

MANIFEST-SENSITIVE-PERM-TABS

OBFUSCATION-FUNCTION_INDIRECT-js/onboarding-panel.js-4630

NET-AXIOS-js/background-mailcheck.js-45453

NET-FETCH-js/aib-cs.js-44085

NET-FETCH-js/background-mailcheck.js-8856

NET-FETCH-js/options.js-7814

OBFUSCATION-FUNCTION_INDIRECT-js/mail-panel.js-6205

OBFUSCATION-FUNCTION_INDIRECT-js/aib-cs.js-9858

NET-AXIOS-js/options.js-44535

NET-FETCH-js/options.js-5343

NET-FETCH-js/options.js-7911

NET-FETCH-js/background-mailcheck.js-9080

NET-FETCH-js/aib-cs.js-7508

NET-AXIOS-js/aib-cs.js-44453

NET-FETCH-js/aib-cs.js-7821

NET-FETCH-js/background-mailcheck.js-7994

OBFUSCATION-FUNCTION_INDIRECT-js/options.js-9949

NET-FETCH-js/options.js-7445

NET-FETCH-js/aib-cs.js-8346

NET-FETCH-js/background-mailcheck.js-9109

NET-AXIOS-js/aib-cs.js-44443

NET-FETCH-js/background-mailcheck.js-10147

NET-AXIOS-js/background-mailcheck.js-45464

NET-AXIOS-js/background-mailcheck.js-45454

NET-AXIOS-js/options.js-44544

NET-FETCH-js/aib-cs.js-8372

NET-FETCH-js/aib-cs.js-7409

NET-FETCH-js/background-mailcheck.js-4121

NET-FETCH-js/aib-cs.js-8576

NET-FETCH-js/background-mailcheck.js-8263

NET-AXIOS-js/aib-cs.js-44444

NET-FETCH-js/aib-cs.js-7937

NET-FETCH-js/background-mailcheck.js-7972

NET-FETCH-js/background-mailcheck.js-9060

NET-FETCH-js/options.js-8612

NET-FETCH-js/options.js-7522

NET-FETCH-js/aib-cs.js-8297

NET-AXIOS-js/background-mailcheck.js-45456

NET-FETCH-js/mail-panel.js-5602

NET-FETCH-js/aib-cs.js-7486

NET-FETCH-js/aib-cs.js-7778

NET-FETCH-js/options.js-8149

OBFUSCATION-FUNCTION_INDIRECT-js/background-mailcheck.js-7201

NET-FETCH-js/options.js-9242

NET-FETCH-js/background-mailcheck.js-9118

NET-FETCH-js/background-mailcheck.js-7895

NET-FETCH-js/background-mailcheck.js-8597