"Shark Tank" millionaire Barbara Corcoran was conned out of nearly $400K in a phishing scam.
Speaking with ABC News, Corcoran confirmed Thursday her financial team wired $388,000 "into a false bank account in Asia," but added, after seeing the correspondence between the crook and her bookkeeper Christine, she realized the cleverly devised plan could have fooled almost anyone.
"When she showed me the emails that went back and forth with the false address, I realized immediately it's something I would have fallen for if I had seen the emails," Corcoran said.
The emails began last week. The first message came from the con artist pretending to be Corcoran's assistant, Emily, requesting Christine to approve payment to a Germany company, FFH Concept.
"What is this? Need to know what account to pay out of," Christine responded, to which she received a detailed explanation about the payment in question. It was only after the $388,700.11 was transferred that Corcoran's team noticed a discrepancy in the sender's email address. An "O" was missing – something that could have easily been overlooked by anyone.
"Someone sends you a bill, it's paid," Corcoran said. "And this one instance, it was not a good strategy."
The original emails were traced back to a Chinese IP address. The money is gone but Corcoran's attorneys are plotting their next move.
Phishing scams are on the rise, but there are measures that can be taken to safeguard yourself.
Staying informed of the latest phishing techniques is arguably the most important step, Phishing.org recommended. Installing an anti-phishing toolbar, using firewalls and keeping your browser up to date are other precautions worth taking.
"Shark Tank" star Robert Herjavec, who grew his wealth through a tech company, advised approaching all emails tentatively.
"85% of all cybercrime across the world comes through email, which is what happened to Barbara," he said, per ABC News. "This is very, very common. It's been happening of businesses for two, three years now. It's now happening to individuals.
"Always verify that the email is coming from somebody you trust. Get that person to call you. Number two, check your bank statements every single day, because if you catch it within 48 hours, the bank can get it back for you."