We have been made aware of a sophisticated scam falsely using PocketSmith’s name and branding to target individuals in different countries. We've seen people targeted in Europe, the US, and Australasia.

The scammers reach out to victims on behalf of a fake foundation, with a promise of a "reward" or a "grant". They provide victims with credentials for a PocketSmith user account the scammers have created, containing fake accounts and financial transactions, giving the appearance of money which is ready to be withdrawn. In some cases, they've also sent the victim a counterfeit Mastercard card branded as “Pocket Smith Bank.”

PocketSmith is not a bank.

We are an app used to get insights into your financial life, for example, seeing where you spend your money and helping you budget.

The money you see in PocketSmith is not real; it's just data that has been imported for reporting purposes only.

We do not issue debit or credit cards, process deposits or withdrawals, or offer cash rewards. Our goal in sharing this is to help you quickly recognise this scam, protect yourself, and stop scammers from targeting others.

What this scam looks like

The information below is based on information we’ve received from potential and actual victims of the scam. We’ll update these details as we learn more or as the scammers change tactics.

People are led to believe that PocketSmith is a bank, which stores money in accounts that can be withdrawn from. Because we're a personal finance application that presents people's financial information — with accounts, transactions and balances — this is an easy thing to believe without research.

The scammers contact potential victims with a promise of a "reward" or a "grant", totalling thousands of dollars. The scammers claim to represent some legitimate-sounding foundation or non-profit, such as the Stevie Nicks Foundation or the United Legacy Foundation. The scammers will prey on life events or religious beliefs in order to establish trust with the victim.

Once the victim has shown interest in the purported grant or reward, they're asked to pay the scammers a "one-time activation fee" of around $150 or $175, in the local currency of the victim. Following payment of this "fee", the scammers make use of the sunk-cost fallacy, to extract further money from the victims.

Then, either before or after this "activation fee" request — depending on how willing the victim is — the scammers will:

  1. Set up a PocketSmith account for the victim
  2. Add a fake bank account and fake "reward" transactions to that account manually
  3. Send screenshots (primarily from the PocketSmith mobile app) to the victim as "proof" of the money waiting for them in "Pocket Smith Bank"
  4. Provide the victim with the login details for the account, asking them to change the email address of the account to their own

From there, the depth of sophistication of the scammers becomes very clear. Once the activation fee has been paid, they'll send the victim what is meant to look like a real Mastercard, with "Pocket Smith Bank" printed on it and a fake card number. Blank cards with a chip on them are very readily available online, and once printed with a readily available card printer, they're very convincing.

Fake Mastercard produced by scammers, with 'POCKET SMITH BANK' on the card Fake Mastercard produced by scammers, with "POCKET SMITH BANK" on the card

We've heard from a few people at various stages of this scam now. Going by the patterns that we've seen with the cases so far, there have been no unreported cases so far — but we're constantly running detections to highlight any suspicious behaviour given what we've seen above.

These are moving goalposts. While the playbook above appears to be roughly consistent across all cases, the exact method that the scammers are using varies. We remain vigilant and will reach out to any victims we're able to identify prior to them getting in touch with us.

How to protect yourself

If you receive any unexpected communication claiming to be from PocketSmith and offering rewards, bonuses, or a card:

  1. Stop all contact with the sender. Do not reply, click any links, or provide personal details.
  2. Do not give remote access to your device to anyone claiming to help you claim money.
  3. Do not make payments or transfer money in order to receive a reward.
  4. Secure any accounts that were shared with the scammer, including changing your email password if required.
  5. Report the scam to your local fraud or cybercrime authority.
  6. Contact us at [email protected] and let us know if you believe you’ve been caught in the above scam.

Remember

PocketSmith is a subscription-based personal finance manager. We provide tools to view and organise your financial information, but we never move or hold your money. Any transactions showing money "available" in PocketSmith as part of this scam are fake entries created by the scammer.

Our commitment to privacy and security

Your privacy and security are central to everything we do. PocketSmith only stores the data you choose to share with us, and all sensitive information is protected using industry-standard encryption.

We never ask for your passwords to other services over email, phone, or messaging apps, and we never request remote access to your device. We do not provide pre-created accounts to people and will never provide you with a PocketSmith username and password via email or phone calls.

If someone contacts you claiming to be from PocketSmith and asks for these things, it is not us.

You can read more about how we protect your data on our Security page.

Need help or want to report a scam?

If you’re unsure whether a message you’ve received is legitimate, please contact us first. We’ll confirm whether it’s real and help you stay secure.

Email us at: [email protected]

© PocketSmith Ltd. All rights reserved