Back to Blog

Shark Tank’s Barbara Corcoran falls prey to $400k BEC Attack

Parker Byrd

“Shark Tank” star Barbara Corcoran has been swindled out of just under $400,000 in an email phishing scam, according to People.

“I lost the $388,700 as a result of a fake email chain sent to my company,” said Corcoran. “It was an invoice supposedly sent by my assistant to my bookkeeper approving the payment for a real estate renovation. There was no reason to be suspicious as I invest in a lot of real estate.”

Here’s what happened:

Barbara’s bookkeeper received an email appearing to be from Barbara’s assistant, sending an invoice and approving the charge.

But this was no regular email from the assistant. In fact, it wasn’t from the assistant at all.

A hacker spoofed the email address from by omitting one single letter, from barbaracorcoran com to barbaracorcran.

The bookkeeper even responded to verify from which account to pay out...

Barbara basically looked at the invoice and thought “I like ya product”.

Like she said, she gets bills and she pays them.

This stresses how important it is to check for these things. And as a boss, it’s ever important to be approachable within your company.

The biggest takeaway here is that this isn’t even a “hack”. Nothing was breached. The criminal merely spoofed the company’s URL and that’s all it took.

For things like money, invoices and wire transfers, business email compromise is easier than ever. Fast moving, siloed companies have the biggest vulnerabilities to this.“I was upset at first, but then remembered it was only money,” Corcoran told PEOPLE.

If only we all felt that way.

Share on social media: 

More from the Blog

What is Social Engineering? Tactics, Techniques, and Prevention

Social engineering is a technique used by malicious hackers to obtain information, data, or access from the victim. Social engineering is also referred to as "human hacking". The hacker will often use a variety of techniques to get the victim to provide them with this information, such as authority level, fear, greed, or friendship.

Read Story

13 Important Security Awareness Training Topics for 2021

This blog post will examine some of the most common security awareness training topics, including phishing scams, social engineering, ransomware, and more. Educating your employees on these cyber security awareness topics will help your company stay secure, reduce human error, avoid data breaches, and become an overall security aware workforce.

Read Story

Never miss a post.

Enter your email below to be added to our blog newsletter and stay informed, educated, and entertained!
We will never share your email address with third parties.