Increasing accessibility of digital tools are making everyday tasks more convenient. Nepal is also especially open to new technologies, with Nepalis even emerging as early adopters. When ChatGPT was launched in July 2023, Nepal was the second-highest contributor to its growth on Google Search. This receptivity is encouraging. On the flip side, incidents of digital scams, phishing, hacking, and cyberbullying are on the rise. As Nepal undergoes a swift digital transformation, lack of strong regulation and widespread digital illiteracy is bound to create fertile ground for cybercrime.

According to the Nepal Police Cyber Bureau, the number of cybercrime cases has grown eight-fold in the past five years. In the fiscal year 2019/20, 2,301 complaints were filed; in 2024, the number was 19,730. By April of the previous fiscal year, the bureau had received 13,426 cybercrime complaints, including 217 involving scams with eSewa, Khalti, and bank accounts. A decade ago, cybercrime was rare and not so complex. However, these crimes have now become a significant threat to the digital space in Nepal. What’s more, many young people have become ‘money mules’, as according to a 2024 FIU-Nepal Strategic Analysis Report, 70 percent of individuals involved in cyber-enabled frauds are between 19 and 30.

You don’t have to dive deep into the digital rabbit hole to fall victim to cybercrime. Fraudsters increasingly use phishing to lure users in order to steal their private information. When a person unexpectedly receives an SMS alert that appears legitimate, warning of suspicious activity in their account and urging them to click a link, it becomes easy to fall for the deception. Many end up clicking the link and entering their password, unknowingly handing scammers access to their digital wallets. As scammers are now exploring alert codes meant for law enforcement, ambulances, and other emergency services, people may develop trust issues with credible alerts. Although the methods may vary—from fake online loan repayment schemes to fraudulent stock market training programs—they often lead to device hijacking, theft of bank details, and unauthorised fund withdrawals.

The root of the problem lies in the country’s careless adoption of technology without considering the challenges it invites. For example, the introduction of the National Identity Card was a significant move toward digitalisation, aiming at merging documents like voter ID, citizenship, and driving license into one smart chip. However, besides managerial failures, the issue of data privacy is also concerning as Nepal neither has the knowledge nor the budget to secure data. Moreover, government data in Nepal too is vulnerable to cyberattacks. In January 2017, Nepal experienced a large government system breach when a hacking group known as “Paradox CyberGhost” infiltrated 58 official websites. Just four years prior, the official website of the President of Nepal was hacked.

While cybercrimes are becoming increasingly sophisticated with the rise of AI, Nepal continues to rely on the outdated Electronic Transactions Act (ETA), introduced 17 years ago. Among its many limitations, the ETA fails to adequately address critical issues such as online child sexual abuse. As we push for progressive digital policies, equal attention must go to strengthen the institutions responsible for enforcement. The Cyber Bureau remains severely understaffed and under-resourced, limiting its ability to respond effectively.

Similarly, it’s essential to recognise that many cybercrimes can be prevented through digital literacy and awareness. Investing in comprehensive, age-inclusive digital education campaigns is thus vital. If we continue to allow a conducive environment for cybercrime, Nepal’s ambition for digital transformation will continue to face many unintended hurdles—and countless people will suffer in the process.