Part Two: An Overview of Spear Phishing Hacks by Hikvision Senior Director of Cybersecurity

November 6, 2020

Hikvision HikWire blog article Identify Phishing Attacks, Part 2

Learn to Identify Phishing Attacks to Prevent Becoming a Victim, Plus 8 Tips to Protect Yourself Online


Being able to identify phishing email scams can reduce your risk of becoming a victim to this cyberattack. In yesterday’s HikWire blog, Hikvision’s senior director of cybersecurity, Chuck Davis, overviewed examples and types of phishing scams. In today’s blog, Davis will discuss a special type of phishing hacks called spear phishing.

Yesterday, we noted that phishing scams have risen since the onset of the pandemic. And, Barracuda networks found a 667 percent rise in coronavirus-driven phishing attacks in February 2020.

Understanding these attacks will help prevent you becoming a victim to them. Continue reading below to learn more and check out tips to stay safe from phishing attacks.

What is Spear Phishing?
Spear phishing is a type of phishing attack that is targeted to a specific person or organization. Spear phishing emails typically have information about the victim in the email that makes the email seem credible.

Here is a spear phishing example that has to do with attempting to gain financial information. In 2018, a law firm posted a blog that gave the following example, which appears to be from an internal person within the company.

Identifying Phishing Attacks

Another type of attack method involves extortion. Victims report receiving an email claiming that a malicious hacker installed malware on their computer. The email shows a valid password belonging to the recipient, and explains that the attacker has access to the recipient’s webcam and has a log of their keystrokes. The attacker gives the recipient two choices:

Ignore the email and the attacker will send something embarrassing to all of the recipient’s contacts.

  • Or, pay a ransom in bitcoin, and the hacker will delete everything they have.
  • If you happen to receive one of these emails, don’t panic. This is a scam.

8 Tips to Protect Yourself Online
Below are several steps you can take to reduce your risk of becoming a victim to phishing attacks, and boost cybersecurity.

  1. If this is a business email address, let your cybersecurity team know immediately about the threatening email. There could be an ongoing company-wide campaign that the cybersecurity team can stop. If the cybersecurity team is aware of the campaign they can also help educate employees.
  2. Use two-factor authentication (2FA) or multi-factor authentication (MFA) everywhere possible.
  3. Use a password manager. This will allow you to make great passwords (20 plus characters) that are unique for every website. And, you won’t need to remember any of them.
  4. Never reuse passwords. If you have reused passwords, take time to change them now, before it’s too late. Threat actors buy up username/password lists and start trying to login with the username and password on other sites, like Twitter, Facebook, and Spotify.
  5. If you are alerted that a password has been compromised, change it immediately and see item number three, above.
  6. Be wary of short URLs. Malicious links are sometimes sent in short URLs through social media. Check short URLs with a tool like to preview the real address before clicking.
  7. Be aware of doppelganger domains, which are domain names that look like a valid, trusted domain like “” If you don’t look closely at URLs sent in email, you could quickly overlook this.
  8. Visit This site is hosted by a respected cybersecurity professional named Troy Hunt. Make sure to enter all work and personal email addresses and subscribe to get updates. If your email address is ever found in a data breach, you will be alerted.

Hikvision routinely posts articles about trends in cybersecurity, including steps you can take to protect your data and accounts from hacks and vulnerabilities. Visit our cybersecurity blog link regularly for updates. And, check out our online Cybersecurity Center for resources such as best practices, changing passwords, and updating Hikvision product firmware.

IMPORTANT! This model requires non-standard firmware. Do Not Install standard firmware (e.g. v.4.1.xx) on this model. Doing so will permanently damage your system. You must use custom firmware v.4.1.25 from the iDS-9632NXI-I8/16S product page.

View the most updated version of this document here:


The I-series NVR (such as the DS-7716NI-I4) is one of Hikvision's most popular and feature-rich recorders. As such, many firmware revisions have been introduced over the years to continually ensure the product is compatible with the newest technology available. Due to the many revisions, we recommend that the user closely follows the instructions below in order to reduce the amount of time spent as well as the chance of failure.


Database Optimization and Repair

As more affordable IP cameras are introduced over time with greater video resolution and data sizes, more efficient database management also becomes necessary. The introduction of firmware v4.0 brought about a new database architecture in order to be futureproof.


After upgrading to v4.X, the recorder database will need to be converted and optimized. If you are experiencing issues where playback is expected but not found, make sure "Database Repair" is performed as indicated in the procedures and scenarios below.


Preparing the Upgrade

Before proceeding with upgrade, it is recommended that NVR configuration file is exported from the NVR over the network or on to a local USB drive.


Upgrading from v3.4.92 build 170518 or Older

  1. All recorders must reach v3.4.92 before proceeding further. Upgrading from versions before v3.4.92 directly to any version of v4.X will likely cause the recorder to fail.
  2. If the recorder is already at v3.4.92, a full factory default is highly recommended before upgrading to any version of v4.X. There is a high chance of unit failure (requiring RMA) if the unit is not defaulted before upgrade.
  3. After reaching v3.4.92 and performing a full factory default, an upgrade directly to v4.50.00 is acceptable.
  4. After the upgrade is completed and the recorder is reprogrammed, it may be beneficial to perform a Database Repair. For details, refer to the section "Database Optimization and Repair" above.
  5. To verify repair progress, you may refer to the HDD status, or search the recorder log for repair started and stopped entries. Note that while the HDD is repairing, new recordings are still being made, but some existing recordings may not be searchable until repair is complete.
  6. If you continue to observe playback issues after database repair, ensure there are no power, network, or motion detection issues. Should the problem persist, contact technical support.


Upgrading from Any v4.X Build to v4.50.00.

  1. Any v4.X build can be upgraded directly to v4.50.00.
  2. Export configuration is highly recommended before performing the upgrade.
  3. If upgrading from any v4.X version that was not v4.22.005, a Database Repair is recommended. Refer to Step 4 and onwards in the previous section.



Downgrading is not recommended. Due to new features and parameters constantly being added, downgrading may cause the NVR to factory default itself or require a manual default to operate properly.

By downloading and using software and other materials available via this website, you agree to be legally bound by HIKVISION General Terms of Use . If you don’t agree to these terms, you may not download or use any of those materials.

If you are agreeing on behalf of your company, you represent and warrant that you have legal authority to bind your company to the General Terms of Use above. Also you represent and warrant that you are of the legal age of majority in the jurisdiction in which you reside (at least 18 years of age in many countries).