• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Jobs
  • Career
    • Cyber Security Training
    • Work from Home
    • Cyber Security Analyst
    • Remote Work – Six Ways to Keep Your Data Safe When Working Remotely
  • Field Guide
  • Newsletter Signup
  • Deals
  • News
AskCyberSecurity.com

AskCyberSecurity.com

Cyber Security News & Information

  • Home
  • Data Privacy
    • Gamers
    • Government Cyber Security
      • Legislation
      • Standards
        • What are the risks of computer security?
        • Medical Cyber Security
    • Social Media
  • Security
    • Data Breaches
    • Scams
    • Malware
  • Software
    • Apps
    • Web Browsers
  • Glossary
    • Cyber Security Acronyms
  • About Ask Cyber Security
    • Authors
    • Contact Us
  • VPN
    • How Do I Know If My VPN is Working?
    • Best Free VPN iPhone
    • Why Use a VPN?
    • NordVPN vs IPVanish
    • Private Internet Access Download
    • Best VPN for Streaming
      • TikTok VPN
    • VPN Porn
    • Computer Security Software – What You Really Need
  • Tutorials
  • ChatGPT
    • Does ChatGPT Save Data?
AskCyber Home » News » News » Spear Phishing Email Scam Steals $389k from Shark Tank Host

Spear Phishing Email Scam Steals $389k from Shark Tank Host

2020-03-02 by Michelle Dvorak

Phishing Email Shark Tank

Spear Phishing Scam Hits Shark Tank Host Barbara Corcoran Who Almost Lost $388,700 to Hackers in Targeted Scam

Hackers sent a spear phishing email scam that successfully stole $388,700 from Shark Tank host Barbara Corcoran. The cybercrime reported by PageSix, was was designed to impersonate her assistant and requested payment for a real estate related invoice. A German bank helped her recover the money.

This cybercrime could have been prevented with a phone call to verify the request. That’s why cyber security training is important.

The hackers sent a phishing email to her bookkeeper. The email was crafted to impersonate her assistant and sent to her accountant with content and a request that seemed legitimate. The scammer emailed the bookkeeper with directions to pay a n invoice for a German company called FFH Concept GmbH. The invoice was to pay for design work on German apartment units that Corcoran had allegedly invested in. FFH Concept GmbH is a real company.

Phishing emails accounted for 90% of data breaches in 2019.

The theft was discovered when Corcoran’s bookkeeper emailed the assistant using her correct email address for a follow-up. The scammer changed one letter in her email address to trick the bookkeeper. The email address was traced to an IP address in China.
Corcoran was able to recover the money. She contacted her bank which in turn contacted the German bank. That bank was able to stop any money transfers out of the German account that hackers had set up to receive money they scammed.

RELATE READ: 10 Cyber Security Tips for Business Travelers

What Was This Phishing Email Successful?

The spear phishing email used information probably gleaned using a common hacker tactic called social engineering. This means they used publicly available information about their intended target to craft a personalized email with content that made sense to the recipient. In this case of spear phishing, the email was sent from an email address that was very close to a legitimate person that works for Corcoran. It has content that talked about real estate, something she regularly invests in. Anyone who watches Shark Tank knows that Corcoran invests in real estate that information is also posted on the front page of her website http://www.barbaracorcoran.com/

No One Is Immune from a Phishing Scam

Corcoran has an estimated net worth of over $80 million USD and is a public figure, so she is easy an easy target for phishing email. Information about her was gathered to send a tailored phishing email. Her assistants, accountants, other people on her team, or those in business relationships with her may have been fooled.

Hackers go after ordinary people too. Although you may think that skilled hackers focus on large businesses, celebrities, or the very wealthy to steal big payouts of cash. Hackers use romance scams, income tax scams, as well as target seniors. Information from dating profiles, social media accounts, and other public documents like real estate transactions are all used to build up a profile for phishing emails.

How to Guard Against Phishing Emails

Never open an email from someone you don’t know. If you believe you know the sender, then check the email address again to be sure. Know the difference between the email box and the friendly name. If you don’t know it, read our guide to spotting a phishing email. In this incident the recipient thought they knew the sender, but the email address was just one letter different than the legitimate assistant’s email.

If someone sends you an email asking to pay an invoice or wire money for any reason, call them verify the request. This would have avoided the entire incident.

Filed Under: News

About Michelle Dvorak

Michelle writes about cyber security, data privacy focusing on social media privacy as well as how to protect your IoT devices. She has worked in internet technology for over 20 years and owns METRONY, LLC. Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. Michelle published a guide to Cyber Security for Business Travelers


LinkedInTwitterFacebook

Primary Sidebar

Subscribe to Our Free Newsletter

We Don't Share or Sell Your Info

Web Browsers

Where Are My Saved Passwords in Chrome?

Google Removes 70 Malicious Browser Add-ons from Chrome Web Store

Firefox 75 Reports Your Browser Settings to Mozilla

Categories

Cyber Security Field Guide

Computer Security While TravelingGet Our Cyber Security Field Guide - Available on Amazon!

Recent Posts

Security Marketing Manager – Remote

Sr. Associate, Cybersecurity Architect – Pfizer

Strategic Customer Success Manager – Cybersecurity – Opportunity for Working Remotely

Top 20 Passwords Leaked on Dark Web

ISU Cybersecurity Leader Job Opening

Cyber Security News

Top 20 Passwords Leaked on Dark Web

… [Read More...] about Top 20 Passwords Leaked on Dark Web

Apple Warns of Actively Exploited Zero-Day Flaw

… [Read More...] about Apple Warns of Actively Exploited Zero-Day Flaw

IRS Stops Facial Recognition System for Online Access

… [Read More...] about IRS Stops Facial Recognition System for Online Access

National Cybersecurity Alliance Announces Data Privacy Week

… [Read More...] about National Cybersecurity Alliance Announces Data Privacy Week

More Cyber Security News

Tags

amazon Android Apple bitcoin China chrome CISA credit card DarkSide DHS DOJ Equifax Europe Facebook facial recognition FBI Firefox FTC games GDPR Google Government hacker identity theft India iPhone Iran IRS LinkedIn Microsoft North Korea PayPal phishing phishing email ransomware REvil Russia smartphone T-Mobile TikTok tutorial VPN WhatsApp WiFi Windows

Government

CBP Looks to Access Airline Passenger Data

FTC Releases Cyber Threat Video Playlist

Malware Found on US Government Funded Phones

UK NCA Reaches Out to Youth to Deter Cybercrimes

More Posts from this Category

Footer

Menu

  • Home
  • About
  • Authors
  • Newsletter Signup
  • PRIVACY POLICY

Search

Why Use a VPN?

NordVPN vs IPVanish VPN Review

NAVIGATION

  • Data Breaches
  • Data Privacy
  • Gamers
  • Scams
  • Malware

MEMBER NJCCIC

New Jersey Cybersecurity & Communications Integration Cell

STAY CONNECTED

  • Facebook
  • Instagram
  • Pinterest
  • YouTube
  • Twitter
  • RSS

Copyright © 2023 · AskCyberSecurity.com · METRONY, LLC

Go to mobile version