Nepse AI Scam: Cybersecurity Expert Reveals Rs 800 Million Theft; Police Issue Urgent Warning

Kathmandu: A major financial fraud is sweeping Nepal through a mobile application called Nepse AI. Victims are being tricked into downloading the app with false promises of huge profits from the stock market using artificial intelligence (AI). Once installed, hackers take remote control of the victim’s phone, empty their bank accounts, and delete all evidence.

Cybersecurity expert Saroj Lamichhane says the scale of the fraud is massive, with more than Rs 800 million stolen so far. “This is not a small theft, it’s organized, planned, and ongoing,” he warns.

Expert’s Firsthand Accounts of Victims

Last week, Lamichhane recounted a case in which an unknown person suddenly deposited Rs 114,000 into the account of his acquaintance. When they tried to trace the sender, no contact was found, and soon after, the bank account was blocked.

“Later, we learned that the Cyber Bureau had sent a letter instructing the bank to block the account. They contacted the sender, and we discovered he was actually a victim. His laptop had been hacked, and the money was sent to the acquaintance’s account. The hacker likely obtained the acquaintance's bank details because he runs an egg shop where his QR code is openly displayed,” Lamichhane wrote in a LinkedIn post.

In another case, another acquaintance contacted him on Sunday and sent someone to his office. More than Rs 1.4 million had been transferred from the person’s account to a single bank account within a week. “There were multiple transactions, with money also sent to other wallets. But he hadn’t made those transfers,” Lamichhane said.

Investigations revealed that both victims had installed the Nepse AI app after seeing ads on Facebook and Instagram.

How the Scam Works

In the first case, after the victim installed the app, a remote session was initiated, and the app disappeared from the phone. Only the bank statement showed the money transfers. Both victims used Android devices.

“Many banks send two-factor authentication codes via email. If a hacker gains access to the browser or mobile, it’s game over,” Lamichhane explained. “The app’s website changes frequently. When the first victim called their number, a Nepali-speaking person helped install the app. This confirms that local people are involved.”

In the latest reported case, Lamichhane said, the victim’s laptop was completely wiped, leaving only the BIOS. “Someone must have deleted all the data to destroy the evidence,” he added.

Police Confirmation and Official Warning

The Central Investigation Bureau (CIB) of Nepal Police has confirmed the fraud and issued an urgent public warning. In a press release on Tuesday, the CIB stated that millions of rupees have already been stolen through Nepse AI and urged people to avoid downloading the app under any circumstances.

The bureau highlighted a case in which a victim, identified by the code name “John Doe,” lost Rs 286,101 after downloading the app from a Facebook ad. After the theft, his phone screen went blank, and all data and apps were erased.

According to the CIB, fraudsters use “remote sessions” to take full control of a victim’s phone, transfer money, and delete files to eliminate evidence. The bureau has warned against trusting social media ads on Facebook, TikTok, and Instagram that promote quick profits using AI stock trading.

CIB and Expert Tips to Stay Safe

• Install apps only from official sources such as Google Play Store or Apple App Store.

• Never install apps from ads, links, or phone calls, especially those requesting banking or trading access.

• Avoid giving remote access to your devices via tools like AnyDesk or TeamViewer.

• Use SMS, not email, for two-factor authentication codes, as email accounts are easier to hack.

• Change passwords regularly and avoid reusing them across multiple sites.

• Check your bank statements daily and report suspicious transactions immediately.

• Do not click on financial tool ads on Facebook or Instagram without verifying them from an official source.

• Keep your devices updated and install antivirus and antimalware software.

• Report any suspicious activity to your bank, the nearest police office, or the Cyber Bureau without delay.

• Warn friends and family, many victims are unaware such fraud exists.

Lamichhane stressed that the government should act immediately. “Relevant agencies must issue public notices to stop more people from falling victim. This is a very serious matter,” he said.

The police echo his warning: If you see the Nepse AI app, stay away, it could cost you everything in your bank account.

 

पछिल्लो अध्यावधिक: साउन २८, २०८२ ११:१६

टिप्पणीहरू