A free smartwatch gift cost an Egyptian 750 million pounds after cybercriminals allegedly used it to empty his accounts

A free smartwatch offer turned into a $15 million disaster for an Egyptian businessman, highlighting a sophisticated 'real-time phishing' scam. Scammers used AI to create fake bank login pages, tricking victims into revealing usernames, passwords,...

This "free gift" ad ended with a 750 million Egyptian pound loss. Image Credits: Pexels
It began with a harmless-looking ad: a free smartwatch, offered to existing bank customers as a thank-you gift. One tap later, and an Egyptian businessman had handed scammers his entire life savings without them ever having to break into his bank systems at all. According to Al Arabiya, which first reported the incident, the man lost a bank deposit of 750 million Egyptian pounds, or around 15 million US dollars at current rates, in one transaction.

A banking official commenting on the case said the money was not stolen through any breach of the bank’s systems. The account holder himself gave it up, willingly, one tap and one code at a time.

How a single click became a 15 million dollar mistake
The scam began with a slick, professional-looking ad on social media offering a free smartwatch to existing customers of a well-known bank. Clicking it led to a page designed to look like an almost exact copy of the bank's real website, complete with colors and logo. That’s the sort of detail that required real design skill and time in the past. Not anymore.


Security experts who reviewed the case said the fake page appeared to have been built with artificial intelligence tools, which are now common in this type of fraud. Criminals are increasingly turning to generative AI to produce convincing fraudulent messages and fake web pages, as it reduces the cost and skill needed to run a scam, the FBI says.

Scammers now use AI to build fake banking pages nearly impossible to tell apart from the real ones. Image Credits: Pexels
Once on the fake page, the victim typed his real username and password. Those details were passed straight through, in real time, to the bank's actual website, so his own bank sent him a proper one-time verification code, the same six-digit code you'd expect at any normal login. Then the fake page asked him to enter that code too, saying it was the last step to claim his gift. At that point, scammers had everything they needed to move the deposit out of his account.

Why banks call this "real-time phishing"
Among security researchers, the technique has a name: real-time phishing, or an adversary-in-the-middle attack. This isn’t like old phishing scams where someone would steal a password and use it later. Here, the stolen information is instantly relayed to the real bank while the scam site quietly sits in the middle. According to the Cybersecurity and Infrastructure Security Agency (CISA), even codes generated by authenticator apps, not just text messages, remain vulnerable to this kind of live proxy attack, since the code can still be intercepted and reused within its short window of validity.

That makes the scam especially dangerous. Nothing about the experience feels wrong. The password is working. The verification code arrives from the real bank on time. There is no error message, no delay, and no visible red flag because each step is happening with the real institution. The only fake thing was the page in between.

A fraud alert can arrive within minutes, but real-time phishing scams work even faster. Image Credits: Pexels
A scam built for the AI era
What’s different about this case compared to older phishing schemes is not the greed hook; free gifts have lured victims for decades. It’s the speed and polish behind it. Security experts who examined the fake page found no obvious giveaways: proper branding, correct colors, and a login flow that behaved exactly like the real one because, technically, it was routing through the real one in real time.

The FBI says criminals are increasingly employing generative AI to create convincing fake pages, making scams that once required a small team of designers and coders to execute cheaper and easier. That change means attacks such as this one are no longer confined to sophisticated fraud rings. Today, one scammer with the right AI tools can make a bank clone page in minutes.

The Egyptian case also exposes a weakness that banks have struggled to design around. CISA says real-time relay attacks can still take advantage of single-use codes from authenticator apps because the code is valid at the moment it is issued, whether the person entering it is on the real site or a fake site positioned in the middle. The businessman's 750 million Egyptian pound loss is a stark reminder of how sophisticated the technology behind these scams has become, and how little friction there now is between a tempting ad and an emptied bank account.
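
The point CISA makes here and in the "real-time phishing" section above can be seen in the verification logic itself. The sketch below is an added example, not code from the bank or from the original article: it implements the standard RFC 6238 one-time code check and contrasts it with a hypothetical origin-bound response. The secret is the RFC test value, and the origins, challenge and function names are constructed for illustration.

```python
import hashlib
import hmac
import struct

BANK_ORIGIN = "https://bank.example"            # constructed placeholder
LOOKALIKE_ORIGIN = "https://bank-gift.example"  # constructed placeholder
SECRET = b"12345678901234567890"                # RFC 6238 test secret, not a real key

def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1). The only inputs are the shared secret and the clock."""
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def bank_accepts_code(secret: bytes, code: str, now: int) -> bool:
    """Server-side check: no input records which page the customer typed the code into."""
    return hmac.compare_digest(totp(secret, now), code)

def origin_bound_response(device_key: bytes, challenge: bytes, origin: str) -> str:
    """Hypothetical authenticator that mixes in the origin the browser is really on.
    Simplified stand-in using HMAC; real origin-bound schemes use public-key signatures."""
    return hmac.new(device_key, challenge + b"|" + origin.encode(), hashlib.sha256).hexdigest()

def bank_accepts_response(device_key: bytes, challenge: bytes, response: str) -> bool:
    """The bank recomputes the response for its own origin only."""
    expected = origin_bound_response(device_key, challenge, BANK_ORIGIN)
    return hmac.compare_digest(expected, response)

def demo() -> dict:
    code = totp(SECRET, 35)                 # code shown to the customer at t=35s
    challenge = b"constructed-login-challenge"
    on_fake = origin_bound_response(SECRET, challenge, LOOKALIKE_ORIGIN)
    on_real = origin_bound_response(SECRET, challenge, BANK_ORIGIN)
    return {
        # Same 30-second window: the code verifies no matter where it was typed.
        "code_relayed_in_window": bank_accepts_code(SECRET, code, 59),
        "code_after_window": bank_accepts_code(SECRET, code, 95),
        # Origin-bound: a response produced on the look-alike page does not verify.
        "response_from_lookalike": bank_accepts_response(SECRET, challenge, on_fake),
        "response_from_real_site": bank_accepts_response(SECRET, challenge, on_real),
    }

if __name__ == "__main__":
    for name, accepted in demo().items():
        print(f"{name}: {'accepted' if accepted else 'rejected'}")
```

The one-time code passes because its validity depends only on time, which is the weakness described above; the origin-bound response fails on the look-alike page because the page's address is part of what gets verified.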