Nepal’s Central Bank Flags Rising Cyber Risks as Digital Banking Use Accelerates

With digital banking rapidly becoming a primary mode of financial transactions, Nepal’s central bank has raised concerns over growing cyber risks linked to unsafe internet usage. The Nepal Rastra Bank has urged bank customers to remain vigilant, warning that transactions carried out through unsecured internet networks could expose users to serious financial losses.

The warning comes at a time when mobile and internet banking services are expanding across urban and semi-urban areas, driven by convenience and wider digital access. While this shift has strengthened financial inclusion, the central bank notes that it has also increased users’ exposure to cyber threats, particularly when basic security precautions are ignored.

Unsecured Networks a Major Vulnerability

According to Nepal Rastra Bank, public and free Wi-Fi networks—commonly found in cafés, hotels, airports, and shopping malls—pose a significant security risk. These networks are often inadequately protected, making it easier for cybercriminals to intercept sensitive banking data.

The bank has warned that hackers can exploit such networks to steal confidential information including login credentials, PIN numbers, and one-time passwords (OTPs). Once compromised, these details can be used to carry out unauthorized transactions, sometimes before users even realize a breach has occurred.

Convenience Without Caution Increasing Losses

Central bank officials say a growing number of digital fraud cases are linked not to system failures but to user negligence. Accessing banking platforms through unsafe connections, reusing passwords, or responding to fraudulent links has emerged as a common pattern in financial scams.

While banks continue to invest in stronger security systems, the central bank believes that careless user behavior remains a weak link. It has cautioned that repeated incidents of digital fraud could undermine public trust in online banking services and slow the broader digitalization of the financial sector.

Emphasis on Official Platforms and Strong Credentials

Nepal Rastra Bank has instructed customers to use only official bank websites and mobile applications for digital transactions. It has warned against fake apps and phishing links designed to mimic legitimate banking platforms, which are increasingly being used to deceive unsuspecting users.

The bank has also stressed the importance of regularly changing passwords and PIN codes, using strong combinations, and never sharing sensitive banking details with anyone. According to the regulator, even a single lapse can lead to significant financial damage.

Public Spaces Seen as High-Risk Zones

The central bank has identified public spaces as particularly high-risk environments for digital banking activities. Shared networks in such locations allow cybercriminals to monitor data traffic more easily, increasing the likelihood of information theft.

As a preventive measure, users have been advised to avoid financial transactions over public Wi-Fi and instead rely on secure private connections or mobile data networks. The bank says this simple step can significantly reduce exposure to cyber threats.

User Awareness Central to Digital Security

Beyond technical safeguards, Nepal Rastra Bank has emphasized that user awareness is the foundation of digital security. It has described informed users as the “first line of defense” against cybercrime.

The central bank has encouraged customers to stay informed about digital safety practices, keep their devices updated, and promptly notify their banks if they notice suspicious activity. It believes that greater awareness and responsible usage are essential to ensuring the long-term stability of Nepal’s increasingly digital banking system.

As digital transactions continue to rise, the central bank’s warning serves as a reminder that technological progress must be matched by caution, discipline, and informed use to protect both individual finances and the broader financial system.