Site icon Tech News Nepal

Everest Bank Issues Cybersecurity Alert During Festive Season

6th October 2025, Kathmandu

The public warning issued by Everest Bank Limited (EBL) is a timely and critical communication aimed at protecting its customer base from escalating cyber threats, which are known to surge during Nepal’s major festive season, particularly around Dashain.

EBL’s Cybersecurity Alert

The bank’s proactive stance in advising customers to remain vigilant against a specific set of fraudulent activities underscores the very real risks associated with increased digital transactions and the psychological distractions of national holidays. This advisory is a vital component of the bank’s commitment to being “Stable, Strong, and Reliable” by ensuring the financial safety of its patrons.

1. Contextualizing the Elevated Threat During Dashain

The period surrounding the Dashain festival is a high-risk environment for cybercrime for several sociological and economic reasons specific to Nepal:

Increased Financial Activity: Dashain is synonymous with increased spending, cash flow, and financial transfers. The tradition of receiving Dakshina (money/gifts) and the need to travel often necessitate more frequent use of digital wallets, mobile banking, and ATMs. This surge in digital traffic creates more opportunities for criminals to hide their fraudulent activities.

The Lure of ‘Bonus’ and ‘Discount’ Scams: The festive spirit creates a temporary lowering of caution. Scammers exploit this by using tempting language like “Dashain bonuses,” “lucky draws,” or “special discounts.” As confirmed by general security analysis in Nepal, these scams create a sense of urgency and false excitement, manipulating victims into believing they are missing out on a genuine offer from the bank or a well-known retailer.

Customer Distraction: People are preoccupied with travel, family gatherings, and festivities, making them less attentive to the red flags of a phishing message or a suspicious phone call. The festive mood is a significant psychological vulnerability that criminals target.

2. Analysis of the Specific Scam Modus Operandi

EBL’s warning highlights classic and highly effective social engineering tactics:

A. Phishing via Fake SMS and Social Media
The fraudulent messages, whether delivered via SMS, Viber, WhatsApp, or fake social media pages, are designed to create a convincing illusion.

Bait: The messages use the bank’s name or logo and offer a financial incentive (“Dashain bonus”).

Mechanism: The message contains a suspicious link that users are urged to click to “claim” the offer or “verify” their account. This link leads to a spoofed (fake) website meticulously designed to look like the official EBL login page or a survey form.

Objective: To steal login credentials (username, password) and, most critically, the One-Time Password (OTP).

B. Vishing (Voice Phishing) and Credential Theft
Though not explicitly mentioned, the request for sensitive information like PINs, OTPs, or passwords is a hallmark of Vishing, where a scammer calls the customer, often posing as a bank representative. The fraudster might claim:

“We are processing your Dashain bonus, we just need the OTP you received to finalize the transfer.”

“Your account has been temporarily locked due to suspicious activity; please provide your PIN and password to verify your identity.”

The bank’s stern advisory that its legitimate communications will never ask for this confidential information is the single most important defense against these types of attacks. Customers must understand that a bank will never call or message asking for their private security credentials.

3. Elaborating on the Essential Safety Tips

The safety tips provided by Everest Bank Limited are the standard best practices in digital security, and their reiteration is crucial for customer protection:

EBL Tip Detailed Explanation and Importance

4. The Critical Role of 24/7 Customer Support

By providing 24/7 contact channels—two toll-free numbers and an email address—EBL ensures that its security commitment is active around the clock. The availability of 24/7 support is vital during a festive period, where immediate response can mean the difference between preventing a fraud attempt and suffering a significant financial loss.

Immediacy: If a customer suspects they have clicked a fraudulent link or, worse, entered their details, they must contact the bank immediately. The sooner the bank is alerted, the faster it can freeze the account, reverse unauthorized transactions, and limit the damage.

Accessibility: The toll-free numbers (16600171718 / 18102171718) remove any financial barrier to seeking urgent help, making the bank’s security services readily accessible to customers across the country.

The bank’s final message, “Stable, Strong, and Reliable. Stay alert, stay safe from cybercrime”, is a powerful reminder of the shared responsibility in banking security. While EBL maintains the robust systems and infrastructure (the ‘Stable, Strong, and Reliable’ part), the customer’s vigilance and adherence to security protocols (the ‘Stay alert, stay safe’ part) are equally indispensable in the fight against cyber fraud.

For More: EBL’s Cybersecurity Alert

Exit mobile version