“Shark Tank” star Barbara Corcoran has been swindled out of just under $400,000 in an email phishing scam, according to People.
“I lost the $388,700 as a result of a fake email chain sent to my company,” said Corcoran. “It was an invoice supposedly sent by my assistant to my bookkeeper approving the payment for a real estate renovation. There was no reason to be suspicious as I invest in a lot of real estate.”
Here’s what happened:
Barbara’s bookkeeper received an email appearing to be from Barbara’s assistant, sending an invoice and approving the charge.
But this was no regular email from the assistant. In fact, it wasn’t from the assistant at all.
A hacker spoofed the email address from by omitting one single letter, from barbaracorcoran com to barbaracorcran.
The bookkeeper even responded to verify from which account to pay out…
Barbara basically looked at the invoice and thought “I like ya product”.
Like she said, she gets bills and she pays them.
This stresses how important it is to check for these things. And as a boss, it’s ever important to be approachable within your company.
The biggest takeaway here is that this isn’t even a “hack”. Nothing was breached. The criminal merely spoofed the company’s URL and that’s all it took.
For things like money, invoices and wire transfers, business email compromise is easier than ever. Fast moving, siloed companies have the biggest vulnerabilities to this.
“I was upset at first, but then remembered it was only money,” Corcoran told PEOPLE.
If only we all felt that way.