NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

DERoss's avatar
DERoss
Apprentice
Jun 21, 2017

Security Update from NETGEAR?

This morning (21 June 2017), I received an E-mail message with the Subject: "Important Security Update from NETGEAR: New Firmware Is Available for Your Product".  For the following two reasons, I sus...
Security
HCE's avatar
HCE
Aspirant
Jun 21, 2017

I have received the same email but want to know if it is a scam before doing anything

  • User8472's avatar
    User8472
    Aspirant
    Jun 21, 2017

    The email was sent from a Netgear IP address, so I'm guessing it's legitimate.  However there was no new firmware update or security patch for my PR2000.  Seems like a major screwup by Netgear. However there is no method of contacting their support dept and I really doubt their staff even looks at these forums.  I doubt we'll ever have an answer.  EPIC NETGEAR SUPPORT FAIL.

     

    I'm really interested in the security vulnerability, I don't want to be exposed to attack.

    • DERoss's avatar
      DERoss
      Apprentice
      Jun 21, 2017

      The origiinal message source indicates the message was sent from a server with the IP address 136.147.187.62.  A WhoIs query indicates that IP address belongs to either Salesforce.com, Inc. in San Francisco or else ExactTarget, Inc. in Indianapolis.  According to Wikipedia, ExactTarget was the original name of Salesforce.com; but neither is connected to Netgear. 

       

      The return E-mail address domain was NOT netgear.com but e.netgear.com.  A DNS lookup for netgear.com yields the IP addresses 54.200.99.0 and 54.218.118.186, both of which belong to Amazon.  A DNS lookup for e.netgear.com, however, yields the IP address 68.232.201.28, which belongs to ExactTarget. 

       

      Since the US-CERT (an agency of the United States Department of Homeland Security) has not reported a Netgear security vulnerability for June, this whole mess smells. 

       

       

      • DERoss's avatar
        DERoss
        Apprentice
        Jun 22, 2017

        I just remembered that I have a toll-free phone number for Netgear's technical support.  I called them.  The technical support person said he thinks there really is an update and that the message is legitimate.  I replied that, when I tried to get an update through my installed Netgear Genie, I got the message that there is no new update available.  He said that I should wait 2-3 days. 

         

        In the meantime, I finally navigated to Netgear's firmware download page for my router.  My current version (updated over a year ago) is still listed as the latest version. 

         

        My strong recommendation is that updates should only be obtained through the Netgear Genie (or whatever your local router user interface is called) and definitely NOT through any E-mail message.