Kathmandu, June 2 -- Nepal Police's Cyber Bureau has warned of a surge in SMS phishing scams designed to steal banking credentials and drain funds from digital wallets and bank accounts.

In a press release issued on Friday, the bureau confirmed that attackers are exploiting compromised bulk SMS service accounts to send fake alerts mimicking trusted platforms like Khalti and ConnectIPS.

Bulk SMS systems are commonly used by banks, service providers, and organisations to broadcast alerts, OTPs, and transaction notifications to large user bases.

However, unauthorised access to these platforms, typically via compromised vendor credentials, has allowed attackers to disseminate deceptive messages that appear official.

The fraudulent message...