Why is Cyber-Phishing increasing in Nepal, The lack of Cyber Security in Nepal?

  1. Home
  2. Blog
  3. Why is Cyber-Phishing increasing in Nepal, The lack of Cyber Security in Nepal?
Why is Cyber-Phishing increasing in Nepal, The lack of Cyber Security in Nepal?

Why is Cyber-Phishing increasing in Nepal, The lack of Cyber Security in Nepal?

Published by Nepal Lawyer Category : Criminal Law May 14, 2025 192 views

 

What is Cyber Phishing?

Cyber-Phishing maybe a new generation topic for Nepal but it has been a major problem in the world. Phishing is one kind of a cyberattack that uses fraudulent and deceptive emails, text, messages, phone calls or websites to trick and manipulate people into sharing confidential data, downloading malware or other cyber security disruptive data.

Instead of taking advantage of technological flaws, phishing is a type of social engineering that plays on human psychology. Attackers trick victims into disclosing private information, downloading malware, or jeopardizing security by using deceit, urgency, and impersonation such as phony emails, texts, or phone calls.

Phishing exploits human error and depends on trust, fear, or curiosity to succeed, in contrast to traditional cyberattacks that directly target systems. Typical strategies include posing as reliable organizations (such as banks or colleagues), fabricating crises (such as "Your account is locked!"), or providing fictitious incentives. Phishing continues to be one of the most prevalent cyberthreats due to its low technical skill requirements and potential for large rewards. A combination of employee training, email filtering, multi-factor authentication (MFA), and zero-trust security policies are needed to protect against it.

Types of Phishing Scams Currently Affecting Nepal

Based on recent alerts from Nepal's Cyber Bureau, here are the main types of phishing scams targeting Nepali citizens:

Email Phishing

  • Impersonation of banks, government agencies, or popular services like eSewa and Khalti
  • Emails claim account issues requiring immediate action
  • Contain fraudulent links to fake login pages designed to steal credentials
  • Often use urgency tactics ("Your account will be suspended in 24 hours")

SMS Phishing (Smishing)

  • Text messages containing malicious links
  • Common themes include fake package delivery notifications and mobile banking alerts
  • Messages often claim you've won prizes or need to verify accounts
  • May impersonate Nepal Telecom or Ncell with fake offers

Social Media Phishing

  • Fake Facebook pages mimicking legitimate businesses
  • Fraudulent Facebook Marketplace listings
  • Phishing through direct messages on platforms like Instagram and Viber
  • Fake investment opportunities shared through WhatsApp groups

Voice Phishing (Vishing)

  • Scammers calling and pretending to be bank representatives or government officials
  • Claiming issues with accounts that require sharing of OTPs or passwords
  • Targeting less tech-savvy individuals, particularly older citizens

QR Code Phishing

  • Fraudulent QR codes placed in public locations or sent digitally
  • When scanned, redirect to malicious websites
  • Often disguised as payment methods for services

Credential Phishing

  • Fake login pages for popular Nepali services and international platforms
  • Mimics design of legitimate sites but with slightly different URLs
  • Targets banking credentials, social media accounts, and email logins

 

Does Nepal have Cyber Phishing law?

Yes, Nepal has laws that address Cyber Phishing, primarily under the Electronic Transactions Act (ETA), 2063 (2008), which is the country's primary legislation governing cybercrimes.

Legal Provisions Against Phishing in Nepal

Electronic Transactions Act (ETA), 2063 (2008)

  • Section 47: Criminalizes the publication or distribution of illegal materials in electronic form, including fraudulent schemes like phishing. Penalties include up to 5 years imprisonment and/or a fine of up to NPR 100,000 357.
  • Section 52: Addresses computer fraud, which includes phishing scams where attackers deceive victims into revealing sensitive information (e.g., passwords, bank details). Punishment can be up to 2 years imprisonment and/or a fine of up to NPR 100,000 47.
  • Section 45: Prohibits unauthorized access to computer systems, a common method in phishing attacks. Penalties include up to 3 years imprisonment and/or a fine of up to NPR 200,000 511.

Banking Offence and Punishment Act, 2064 (2008)

Targets financial fraud, including phishing scams aimed at stealing banking credentials. Offenders face fines and imprisonment depending on the severity of the crime 11.

National Cyber Security Policy & Cyber Bureau

Nepal’s Cyber Bureau under the Nepal Police investigates phishing cases, while the National Cyber Security Centre (NCSC) works on prevention and awareness 29.

How to Report Phishing in Nepal?

Victims can report Phishing scams to:

  • Cyber Bureau of Nepal Police
  • Email: [email protected]
  • Phone: 9851286770 or 014219044 27.
  • National CERT (Computer Emergency Response Team) for technical assistance 9.
  • Challenges in Enforcement
  • Despite these laws, Nepal faces challenges like:
  • Low public awareness of phishing risks.
  • Limited cybersecurity infrastructure for tracking sophisticated attacks.
  • Cross-border cybercrime complexities, as many phishing operations originate outside Nepal.

Recent Cybersecurity Notices in Nepal

The Nepal Police Cyber Bureau has recently issued alerts regarding online scams and phishing attempts targeting Nepali citizens. Here are the key details:

The Cyber Bureau has urged the public to exercise caution when interacting with online content, specifically warning people not to click on or install software from suspicious links. This comes amid a rise in cybercrime incidents in the country.

  • Common scams currently targeting Nepali citizens include:
  • Fake investment schemes promising unrealistic returns
  • Phishing attempts via SMS and social media platforms
  • Job scams offering high-paying remote work opportunities
  • Banking fraud where scammers pose as bank representatives

The authorities recommend:

  • Verifying the source of any links before clicking
  • Not sharing personal or financial information with unverified contacts
  • Using strong, unique passwords for different online accounts
  • Keeping devices and software updated with the latest security patches
  • Reporting suspicious activities to the Cyber Bureau immediately
  • If you encounter suspicious online activity, you can report it to the Nepal Police Cyber Bureau through their official channels.

Conclusion: Protecting Yourself from Phishing Scams in Nepal

As phishing attacks continue to evolve and target Nepali citizens with increasing sophistication, staying vigilant is your best defense. The Nepal Police Cyber Bureau's warnings highlight the growing threat these scams pose to individuals and businesses across the country.

 

 

 

 

 

 

 

 

Share:
Other Blog
Categories
Popular Blogs
Submit Your Article

If you are you Lawyer/Law Firm and want to submit your article please contact we will help you to publish your article.

Contact Us
Browse Lawyers Alphabetically
Now, our lawyers can manage their client's record in digital database using our case management cloud system, and client can view their case status log in real time.
Chat with Us
Send us a message