A new phishing scam is targeting online banking users in Nepal by sending fake emails that appear to come from nBank Web Banking.
The message claims that your incoming payment “requires verification” due to recent activity and warns that your account will be suspended if you do not sign in immediately. While the email looks official, it is completely fake and designed to steal your banking login details.
The phishing message uses urgent language like “secure verification” and “account will be completely suspended” to trick users into clicking the sign-in link. However, the link does not take you to a real nBank page. Instead, it redirects to a suspicious URL hosted on a compromised website:
baytownmachinery.com/wp-content/plugins/gtranslate/nbanknabilbank
This alone is a major red flag, as official banks never use unrelated domains for customer login.
Cybercriminals often hide their phishing pages inside vulnerable WordPress websites by placing malicious folders inside plugin directories. The goal is to make the URL appear trustworthy at first glance. Once you enter your username and password on the fake page, attackers immediately capture your details and attempt to access your real banking account.
If you receive an email like this, do not click any links or provide any information. Delete the message immediately. Banks in Nepal never ask customers to verify payments through third-party websites, and they never threaten account suspension through email. Always check the official bank website or contact customer support directly if you are unsure.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
