• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Jobs
  • Career
    • Cyber Security Training
    • Work from Home
    • Cyber Security Analyst
    • Remote Work – Six Ways to Keep Your Data Safe When Working Remotely
  • Field Guide
  • Newsletter Signup
  • Deals
  • News
AskCyberSecurity.com

AskCyberSecurity.com

Cyber Security News & Information

  • Home
  • Data Privacy
    • Gamers
    • Government Cyber Security
      • Legislation
      • Standards
        • What are the risks of computer security?
        • Medical Cyber Security
    • Social Media
  • Security
    • Data Breaches
    • Scams
      • Identity theft
    • Malware
      • Ransomware
  • Software
    • Apps
    • Web Browsers
  • Glossary
    • Cyber Security Acronyms
  • About Ask Cyber Security
    • Authors
    • Contact Us
  • VPN
    • How Do I Know If My VPN is Working?
    • Best Free VPN iPhone
    • Why Use a VPN?
    • NordVPN vs IPVanish
    • Private Internet Access Download
    • Best VPN for Streaming
      • TikTok VPN
    • VPN Porn
    • Computer Security Software – What You Really Need
  • Tutorials
AskCyber Home » News » News » Spear Phishing Email Scam Steals $389k from Shark Tank Host

Spear Phishing Email Scam Steals $389k from Shark Tank Host

2020-03-02 by Michelle Dvorak

Phishing Email Shark Tank

Spear Phishing Scam Hits Shark Tank Host Barbara Corcoran Who Almost Lost $388,700 to Hackers in Targeted Scam

Hackers sent a spear phishing email scam that successfully stole $388,700 from Shark Tank host Barbara Corcoran. The cybercrime reported by PageSix, was was designed to impersonate her assistant and requested payment for a real estate related invoice. A German bank helped her recover the money.

This cybercrime could have been prevented with a phone call to verify the request. That’s why cyber security training is important.

The hackers sent a phishing email to her bookkeeper. The email was crafted to impersonate her assistant and sent to her accountant with content and a request that seemed legitimate. The scammer emailed the bookkeeper with directions to pay a n invoice for a German company called FFH Concept GmbH. The invoice was to pay for design work on German apartment units that Corcoran had allegedly invested in. FFH Concept GmbH is a real company.

Phishing emails accounted for 90% of data breaches in 2019.

The theft was discovered when Corcoran’s bookkeeper emailed the assistant using her correct email address for a follow-up. The scammer changed one letter in her email address to trick the bookkeeper. The email address was traced to an IP address in China.
Corcoran was able to recover the money. She contacted her bank which in turn contacted the German bank. That bank was able to stop any money transfers out of the German account that hackers had set up to receive money they scammed.

RELATE READ: 10 Cyber Security Tips for Business Travelers

What Was This Phishing Email Successful?

The spear phishing email used information probably gleaned using a common hacker tactic called social engineering. This means they used publicly available information about their intended target to craft a personalized email with content that made sense to the recipient. In this case of spear phishing, the email was sent from an email address that was very close to a legitimate person that works for Corcoran. It has content that talked about real estate, something she regularly invests in. Anyone who watches Shark Tank knows that Corcoran invests in real estate that information is also posted on the front page of her website http://www.barbaracorcoran.com/

No One Is Immune from a Phishing Scam

Corcoran has an estimated net worth of over $80 million USD and is a public figure, so she is easy an easy target for phishing email. Information about her was gathered to send a tailored phishing email. Her assistants, accountants, other people on her team, or those in business relationships with her may have been fooled.

Hackers go after ordinary people too. Although you may think that skilled hackers focus on large businesses, celebrities, or the very wealthy to steal big payouts of cash. Hackers use romance scams, income tax scams, as well as target seniors. Information from dating profiles, social media accounts, and other public documents like real estate transactions are all used to build up a profile for phishing emails.

How to Guard Against Phishing Emails

Never open an email from someone you don’t know. If you believe you know the sender, then check the email address again to be sure. Know the difference between the email box and the friendly name. If you don’t know it, read our guide to spotting a phishing email. In this incident the recipient thought they knew the sender, but the email address was just one letter different than the legitimate assistant’s email.

If someone sends you an email asking to pay an invoice or wire money for any reason, call them verify the request. This would have avoided the entire incident.

Filed Under: News

About Michelle Dvorak

Michelle writes about cyber security, data privacy focusing on social media privacy as well as how to protect your IoT devices. She has worked in internet technology for over 20 years and owns METRONY, LLC. Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. Michelle published a guide to Cyber Security for Business Travelers


LinkedInTwitterFacebook

Primary Sidebar

Subscribe to Our Free Newsletter

We Don't Share or Sell Your Info

Web Browsers

Where Are My Saved Passwords in Chrome?

Google Removes 70 Malicious Browser Add-ons from Chrome Web Store

Firefox 75 Reports Your Browser Settings to Mozilla

511 Tactical

WHAT TO SHOP NOW

Shop

Safeguard Your Money with a VPN

Beat the Stock Market! - Get Rule Breakers!

Malwarebytes Anti-Virus is On Sale!

Shop Kaspersky Anti-Virus

Cyber Security Field Guide

Computer Security While TravelingGet Our Cyber Security Field Guide - Available on Amazon!

Recent Posts

Fake eBay Notification Scam Steals Big Money

Principal Security Consultant – AWS

NJCCIC Announces Alice in Cyberspace 2021

Email Service Cuts Off Gun Rights Nonprofit

Security Engineer – Amazon

Categories

Cyber Security News

Fake eBay Notification Scam Steals Big Money

… [Read More...] about Fake eBay Notification Scam Steals Big Money

NJCCIC Announces Alice in Cyberspace 2021

… [Read More...] about NJCCIC Announces Alice in Cyberspace 2021

PayPal Phishing Scam Steals Accounts

… [Read More...] about PayPal Phishing Scam Steals Accounts

Gun Forum Booted by Domain Registrar

… [Read More...] about Gun Forum Booted by Domain Registrar

More Cyber Security News

Tags

amazon Android Apple bitcoin Career China chrome CISA credit card Cyber Attack Cyber security Data Breach data privacy DHS Equifax Facebook FBI Firefox FTC games GDPR Google Government hack hacker identity theft iPhone Iran IRS malware Microsoft North Korea PayPal phishing phishing email ransomware Russia scam smartphone TikTok tutorial VPN web browser WhatsApp WiFi

Government

FTC Releases Cyber Threat Video Playlist

Malware Found on US Government Funded Phones

UK NCA Reaches Out to Youth to Deter Cybercrimes

Texas DOT Hit by Ransomware Attack

More Posts from this Category

Footer

Menu

  • Home
  • About
  • Authors
  • News
  • Newsletter Signup
  • PRIVACY POLICY

Search

Why Use a VPN?

NordVPN vs IPVanish VPN Review

NAVIGATION

  • Data Breaches
  • Data Privacy
  • Gamers
  • Scams
  • Malware

MEMBER NJCCIC

New Jersey Cybersecurity & Communications Integration Cell

STAY CONNECTED

  • Facebook
  • Instagram
  • Pinterest
  • YouTube
  • Twitter
  • RSS

Copyright © 2021 · AskCyberSecurity.com · METRONY, LLC

Go to mobile version