A free smartwatch gift cost an Egyptian 750 million pounds after cybercriminals allegedly used it to empty his accounts
A free smartwatch offer turned into a $15 million disaster for an Egyptian businessman, highlighting a sophisticated 'real-time phishing' scam. Scammers used AI to create fake bank login pages, tricking victims into revealing usernames, passwords,...

A banking official commenting on the case said the money was not stolen through any breach of the bank’s systems. The account holder himself gave it up, willingly, one tap and one code at a time.
How a single click became a 15 million dollar mistake
The scam began with a slick, professional-looking ad on social media offering a free smartwatch to existing customers of a well-known bank. Clicking it led to a page designed to look like an almost exact copy of the bank's real website, complete with colors and logo. That’s the sort of detail that required real design skill and time in the past. Not anymore.
Security experts who reviewed the case said the fake page appeared to have been built with artificial intelligence tools, which are increasingly common in this type of fraud. Criminals are increasingly turning to generative AI to produce fraudulent messages and fake web pages, the FBI says, because it reduces the cost and skill needed to run a convincing scam.

Why banks call this "real-time phishing"
Among security researchers, the technique has a name: real-time phishing, or an adversary-in-the-middle attack. This isn’t like old phishing scams where someone would steal a password and use it later. Here, the stolen information is instantly relayed to the real bank while the scam site quietly sits in the middle. According to the Cybersecurity and Infrastructure Security Agency (CISA), even codes generated by authenticator apps, not just text messages, remain vulnerable to this kind of live proxy attack, since the code can still be intercepted and reused within its short window of validity.
That makes the scam especially dangerous. Nothing about the experience feels wrong. The password is working. The verification code arrives from the real bank on time. There is no error message, no delay, and no visible red flag because each step is happening with the real institution. The only fake thing was the page in between.

What’s different about this case compared to older phishing schemes is not the greed hook; free gifts have lured victims for decades. It’s the speed and polish behind it. Security experts who examined the fake page found no obvious giveaways: proper branding, correct colors, and a login flow that behaved exactly like the real one because, technically, it was routing through the real one in real time.
The FBI says criminals are increasingly employing generative AI to create convincing fake pages, making scams that once required a small team of designers and coders to execute cheaper and easier. That change means attacks such as this one are no longer confined to sophisticated fraud rings. Today, one scammer with the right AI tools can make a bank clone page in minutes.
The Egyptian case also exposes a weakness that banks have struggled to design around. CISA says real-time relay attacks can still take advantage of single-use codes from authenticator apps because the code is valid at the moment it is issued, whether the person entering it is on the real site or a fake site positioned in the middle. The £750m loss for the businessman is a stark reminder of how sophisticated the technology behind these scams has become, and how little friction there now is between a tempting ad and an emptied bank account.
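The point attributed to CISA above, that a one-time code is valid no matter which page it was typed into, can be seen in how a time-based code is checked. The following is an added illustration, not code from the article or from any bank: a standard RFC 6238 TOTP routine plus a hypothetical `BankVerifier` class, run against the published RFC test key.

```python
import hashlib
import hmac
import struct

STEP = 30  # seconds per time step (RFC 6238 default)

def totp(secret: bytes, at: int, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1) for Unix time `at`."""
    mac = hmac.new(secret, struct.pack(">Q", at // STEP), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

class BankVerifier:
    """Hypothetical server-side check. Inputs: secret, code, clock.
    Nothing tells it which website the user typed the code into."""

    def __init__(self, secret: bytes, drift_steps: int = 1):
        self.secret = secret
        self.drift = drift_steps
        self.used = set()  # time steps already consumed (replay protection)

    def verify(self, code: str, now: int) -> bool:
        for d in range(-self.drift, self.drift + 1):
            step = now // STEP + d
            if step < 0 or step in self.used:
                continue
            if hmac.compare_digest(totp(self.secret, step * STEP), code):
                self.used.add(step)
                return True
        return False

def demo() -> dict:
    secret = b"12345678901234567890"  # published RFC 6238 test key, not a real secret
    issued = 59                       # RFC 6238 test-vector time
    code = totp(secret, issued)       # what the authenticator app displays
    bank = BankVerifier(secret)
    return {
        "code": code,
        # Same code, submitted 5 s later by whoever holds it: accepted.
        "first_submission": bank.verify(code, issued + 5),
        # Replay protection only stops the second use of that code.
        "second_submission": bank.verify(code, issued + 6),
        # Outside the drift window the code is dead.
        "after_window": BankVerifier(secret).verify(code, issued + 120),
    }

if __name__ == "__main__":
    print(demo())
```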