Fake Google Pay 'Pocket Money' / PhonePe 'UPI Circle' Feature — How to Identify & Stay Safe

INDIA — By BharatSecure Threat Intelligence Team · Updated May 30, 2026

Severity: MEDIUM | View Full Scam Details

Beware in 2026: Fake Google Pay 'Pocket Money' & PhonePe 'UPI Circle' Phishing Scam in India

Millions of Indian users of popular UPI apps like Google Pay and PhonePe are being targeted by a phishing scam promising new “Pocket Money” or “UPI Circle” features — a trick to steal your money and personal data.

What Is the Fake Google Pay 'Pocket Money' / PhonePe 'UPI Circle' Feature?

This scam exploits popular Indian UPI wallets Google Pay and PhonePe by falsely claiming the apps have launched new, exclusive features such as “Pocket Money” on Google Pay or “UPI Circle” on PhonePe. These fake promotions lure users by offering extra cashback, rewards, or easy money transfers, especially targeting young users and parents managing pocket money for children.

According to reports from consumers lodged with police and cybercrime complaint portals, these phishing attempts spread via WhatsApp messages, SMS, and social media shares inviting users to click on suspicious links or download unauthorized apps claiming to enable these features. Fraudsters impersonate official communications to make the trick appear credible.

Though still at a medium risk level (risk score 5/10), this scam is well-spread across metro and smaller cities due to the massive popularity of UPI payments in India. The Reserve Bank of India (RBI) and CERT-In have issued general advisories to beware of phishing links and unauthorized apps related to digital payments, though no specific advisory has named this scam yet.

How This Scam Works — Step by Step

1. Initial Contact: You receive a WhatsApp or SMS message that looks like it’s from Google Pay or PhonePe. It talks about a new “Pocket Money” or “UPI Circle” feature providing cashback or easy transfers.

2. Fake Link or App Download: The message contains a link to a fake login page or urges you to download an unofficial version of the app or a plugin.

3. Credential Phishing: When you enter your UPI PIN, OTP, or login credentials on the fake page/app, the fraudsters capture these details.

4. Unauthorized Transactions: Using the stolen credentials, the fraudsters initiate UPI transactions from your bank account, often to accounts set up for quick withdrawal, sometimes even immediately draining your balance.

5. Follow-up Social Engineering: Victims may then receive calls from “support agents” claiming to help recover funds, only to extract more details or payments for fake “refund fees.”

Real Warning Signs to Watch For

• Messages urging immediate action or limited-time offers to activate “Pocket Money” or “UPI Circle”
• Links that lead to non-standard URLs instead of official Google Pay or PhonePe domains
• Requests to enter UPI PIN, OTP, or bank details outside the official app interface
• Receiving messages from unknown or suspicious numbers impersonating app customer care
• Prompts to download apps or plugins from unofficial app stores or websites
• Unsolicited calls after clicking the link, especially asking for personal or banking information
• Promises of unrealistic cashback or money offers with no verification via the official app

What Happens to Victims

Victims often face sudden and unexplained bank debits through UPI, sometimes losing thousands of rupees without immediate means to reverse transactions. While RBI regulations support dispute resolution for fraudulent UPI payments, once funds move to fraudsters’ accounts or are cashed out, recovery becomes complicated.

Emotionally, victims face stress, anxiety, and erosion of trust in digital payments, which are critical to daily life in India. If the victim’s Aadhaar or mobile number is linked with fraud accounts, this can complicate matters — especially if a SIM swap follows, potentially allowing further identity theft or unauthorized access.

Cybercriminals’ sophisticated social engineering also leaves victims vulnerable to additional scams posing as “help” — compounding financial and psychological harm.

What RBI and CERT-In Say

The Reserve Bank of India (RBI) regularly emphasizes never to share your UPI PIN or OTP with anyone and to verify the authenticity of digital payment platforms. It urges users to only transact via official apps downloaded from trusted sources like Google Play Store or Apple App Store.

CERT-In advises users to be wary of unsolicited links, never to install third-party apps for financial transactions, and to report phishing and fraud attempts immediately to cybercrime authorities. The National Cyber Crime Reporting Portal (cybercrime.gov.in) and the 1930 helpline exist to register complaints related to such frauds.

RBI’s Ombudsman Scheme provides a mechanism to escalate unresolved payment disputes.

How to Protect Yourself

1. Only use official Google Pay or PhonePe apps downloaded from trusted app stores.
2. Ignore unsolicited messages claiming new features like “Pocket Money” or “UPI Circle.”
3. Do not click on links urging you to activate offers or download additional apps/plugins.
4. Never share your UPI PIN, OTP, or Aadhaar details with anyone, including “customer care” agents who call you.
5. Verify any offers or new features directly within the official app or through official support channels.
6. Enable app lock or biometric security on your UPI apps to add an extra layer of protection.
7. Regularly review your bank and UPI transaction statements for any unauthorized payments and act fast if noticed.

What to Do If You've Been Targeted

• Immediately block your UPI transaction using your bank or UPI app’s “Block Payment” or “Stop Payment” feature.
• Contact your bank’s customer care helpline to report unauthorized transactions and request account blocking if necessary.
• File a complaint on the National Cyber Crime Reporting Portal at cybercrime.gov.in.
• Report the incident by calling the 1930 cybercrime helpline for guidance and rescue measures.
• Change your UPI PIN and any linked app passwords after the incident.
• Keep a record of all communication and transaction IDs to assist police or banking authorities.
• If SIM swap or Aadhaar misuse is suspected, notify your mobile operator and UIDAI immediately.

Frequently Asked Questions

Q: Is the ‘Pocket Money’ or ‘UPI Circle’ feature real in Google Pay or PhonePe?
A: No, these features are not officially launched by either app. Any message or link offering these is likely a phishing attempt.

Q: Can UPI transactions be reversed if done fraudulently?
A: UPI payments are usually instant and irrevocable. However, banks can help investigate and may recover funds if reported promptly.

Q: How can I verify if a message about a new feature is authentic?
A: Always check official app updates or announcements and avoid clicking links in unsolicited messages. Contact customer care directly for confirmation.

Stay vigilant—always verify before you act! If unsure, check suspicious messages on BharatSecure.app and report fraud immediately by calling 1930.

Disclaimer: This article describes a pattern of fraud reported in public sources for public-safety awareness. It is not legal, financial, or medical advice. To request correction or removal of any content, write to hello@bharatsecure.app.