With the establishment of the Nepal Rastra Bank (NRB) in 1956 as the nation’s central bank, Nepal’s banking history got underway in the middle of the 20th century. In the 1950s and 1960s, early banks providing basic services such as Nepal Bank Limited and Rastriya Banijya Bank came into existence. Economic liberalization in the 1980s brought to the emergence of private and joint venture banks as well as the banking industry’s diversification. Foreign banks began to open up shop in the 1990s, bringing with them cutting-edge technology and global standards. The microfinance industry in Nepal grew, offering small business owners financial services. Digitalization gained traction in the 2000s, when banks started providing online and mobile banking services. Reforms targeting regulatory improvements, financial stability, and transparency have been fundamental to the sector’s ongoing evolution. Additionally, initiatives have been undertaken to advance financial inclusion by bringing banking services to isolated areas. Although the main points are included in this synopsis, Nepal’s banking history is intricate and multifaceted, reflecting the nation’s efforts to modernize its financial sector as well as its economic progress (Waqas, 2023).
The banking industry in Nepal has changed significantly in recent years, embracing new technologies and increasing service offerings. Customers now find the sector easier to access and more convenient because online and mobile banking services are widely available (Lee, 2003). This development has enhanced the allure of banking in Nepal by simplifying and streamlining financial activities for both people and companies. Not just for saving and credit, but banking has turned out to be part of every single transaction in today’s time. As per the report of Nepal Rastra Bank’s Bhadra, 2080 data – through total of 54 institutions (A, B and C class), there are 52, 183, 587 deposit accounts into existence with total of 21, 957, 692 mobile banking customers and total of 1, 888, 345 internet banking customers. There exists 12, 529, 875 debit card into existence through which customers are using banking services. This clearly means that in today’s context one big bunch of population are directly exposed to banking services.
Due to rising internet connectivity, smartphone usage, and bank attempts to improve their digital infrastructure, online banking has grown significantly in Nepal. The nation’s efforts to promote financial inclusion and digitization through government programmes have contributed to the growth of online banking services. As more consumers looked for contactless banking solutions, the COVID-19 epidemic also increased the growth of online transactions. Nepali banks have made investments in user-friendly, safe internet systems that provide remote financial management for their clients. Furthermore, internet banking has been essential in bringing financial inclusion to underbanked and unbanked communities living in rural regions. My information only goes to January 2022, but the trend probably continues. To get the most upto date information on the expansion of internet banking in Nepal, one should examine market research papers or official publications from the Nepal Rastra Bank and other respectable financial organizations.
In the current digital era, online banking scams are becoming more and more of a problem due to cybercriminals’ use of a variety of advanced strategies to take advantage of people and companies. Phishing emails and websites are popular fraud tactics that deceive people into disclosing personal information. Social engineering assaults use phone calls and social media manipulation to get unauthorized access to people’s accounts. Ransomware attacks harm both individuals and corporations by encrypting files and requesting money in order to restore them. Executive emails are compromised in business email compromise (BEC) cases in order to trick staff members into sending money or private information. When fraudsters use credentials, they have stolen to access accounts, it’s known as account takeover (ATO) and results in unauthorized transactions. Fraudulent mobile banking applications take use of malware and phoney programmes that target mobile devices. Leaked login credentials are used in credential stuffing, a technique that allows illegal access. Fraudsters can intercept authentication codes by switching SIM cards. Sophisticated technology allows for convincing impersonation for fraudulent reasons, such as deepfakes. In addition to putting strong security measures in place and educating clients to reduce risks, financial institutions also need to be vigilant, use unique passwords, two-factor authentication, and raise awareness in order to protect against these scams.
The Nepali police published a statement in January 2023 warning the public to be wary of persons who entice them on social media with false promises and demand money. The police said that some persons were requesting passports and citizenship documents under various pretenses, emphasizing the need for caution. The Kathmandu Police has received reports of an increase in digital banking fraud in recent times. Fraud groups have been active recently, and before travelling to work or study abroad, they demand information regarding bank accounts, citizenship certificates, and passports. Last year, there were over 5, 000 instances documented. Even on social networking sites, the con artists were advertising jobs abroad and requesting money in exchange for valuable personal data.
With introduction of digital banking practices that would come around, and with the trend of how banks started Core Banking Software (CBS), there are different forms of banking frauds which came into existence. Online fraud is described as ‘the experience of the person who responded to a fraudulent invitation, notification, offer or request through the web by providing personal detail or money, resulting in the suffering of a non-financial and financial loss or impact of some sort (Cross., et al, 2014). Followings are the types of online frauds that are prevalent in today’s context:
- Phishing: Phishing attacks have gotten increasingly realistic over time. Cybercriminals painstakingly construct emails and texts that mimic official correspondence from banks. Links to phoney websites that mimic legitimate financial gateways can be found in these messages. Unaware of the fraud, users provide their login information, giving scammers access to their accounts.
- Ransomware: Malware encrypts user files on their device, making them unreadable. This is known as ransomware assaults. In return for the decryption key, victims are sent a ransom demand. When vital data is encrypted and activities are disrupted until a ransom is paid, businesses are particularly vulnerable.
- Account Takeover (ATO): By obtaining login credentials, fraudsters can take over a user’s account using ATO assaults. Once inside, they have the ability to change account settings, carry out fraudulent activities, or even shut out the rightful account owner, which can lead to financial hardship and harm to one’s reputation.
- Mobile Banking Fraud: Cybercriminals fabricate fraudulent applications for mobile banking or take advantage of weaknesses in genuine ones. These programmes are downloaded by unsuspecting users, which gives hackers access to login information and the ability to carry out illegal transactions. The security of mobile banking activities is further compromised by malware that targets mobile devices.
- Credential stuffing is the practice of cybercriminals gaining access to several online platforms, particularly banking websites, by using stolen login and password combinations from prior data breaches. Automated systems take advantage of individuals’ propensity to repeat passwords across several accounts by methodically attempting these credentials.
- SIM Card Swapping: Con artists persuade cellular providers to move a victim’s phone number to a new SIM card that they own. Attackers can access online accounts and perform unauthorised transactions by intercepting SMS-sent authentication credentials.
- Deepfakes and AI-Based Attacks: Artificial intelligence is used by cutting-edge technology such as deepfakes to produce believable fake audio or video recordings. Cybercriminals can pose as real people in order to get private information or trick victims into committing fraud, which can seriously harm a victim’s finances and reputation.
- Business email compromise (BEC): BEC assaults focus on the channels of communication used by businesses. Executive email accounts are compromised by cybercriminals, giving them the ability to pretend to be senior authorities. Employees who follow their instructions may start wire transfers, alter payment methods, or divulge private information, which might result in data breaches and monetary losses.
- Social engineering: This tactic uses psychological manipulation of people to get private information. Cybercriminals may use phone spoofs to pose as bank staff in an attempt to coerce people into sharing account information. An analogous method is used by attackers to obtain personal data about targets on social media, which allows them to create phishing attacks that are both personalised and convincing.
A proactive strategy incorporating knowledge, robust authentication, and circumspect online behaviour is required to prevent online scams. Businesses and individuals may protect their authentication (2FA) for an extra layer of protection and creating unique, complicated passwords. It is essential to confirm the legitimacy of email sources, stay away from dubious links or downloads, and maintain all software, including antivirus software, up to date in order to stop vulnerabilities from being exploited. Use caution when using public WiFi. Reputable anti-malware software can identify and stop harmful assaults. In a paper of (Chewae., et al, 2015), it was noted that millions of internet users in the era of cutting-edge technology connected through online social networks. They concentrated on the impact social networking websites have on personal information. They also talked about how privacy risk might be reduced and how secrecy is a vulnerability. They emphasized the existing state of social network usage and the potential hazards to it. Monitoring credit card and bank statements on a regular basis facilitates the early detection of unauthorized activities. Scams may be avoided by safeguarding private information, such as Social Security numbers, and confirming any demands for money or sensitive data. To lessen the possibility of ransomware, it is also essential to backup sensitive data. Notifying banks and appropriate authorities about questionable actions helps combat fraud efforts and increases public awareness of the ever-evolving nature of schemes. There is a need for separate cells to take action related to online scams so that the citizens get justice (Ansar., et al, 2021). Being aware of the most recent scam tactics is essential to maintaining alertness. By using these procedures, people and companies may lower their chances of becoming victims of online fraud and preserve a safe online environment.
References
Ansar, S., Yadav, J., Dwivedi, S., Pandey, A., Srivastava, S., Ishrat, M., Khan, W., Pandey, D., Khan, P. R., & Khan, M. (2021). A Critical Analysis of Fraud Cases on the Internet. Turkish Journal of Computer and Mathematics Education (TURCOMAT), 12, 424-445.
Chewae, M., Hayikader, S., Hasan, M. H., & Ibrahim, J. (2015). How Much Privacy We Still Have on Social Network? International Journal of Scientific and Research Publications, 5(1), 1.
Cross, C., Smith, R. G., & Richards, K. (2014). Challenges of responding to online fraud victimization in Australia. Trends and Issues in Crime and Criminal Justice.
Lee, W. A. (2003). Progress Report from BITS on Fraud Prevention Effort. The American Banker, 1.
Waqas, S. (2023). Understanding Digital Fraud and Internet Scams.