In 2024, Business Email Compromise (BEC) and Funds Transfer Fraud (FTF) accounted for the majority of cyber insurance claims, according to Coalition Insurance. The company’s 2025 Cyber Claims Report, released this month, revealed that these incidents made up 60% of claims.
While ransomware remains the most disruptive and costly cyberattack, claims related to BEC and FTF have been consistent over the past three years. However, the report noted that while the frequency of BEC and FTF incidents remained largely unchanged, the severity of these attacks has increased.
Increased Severity in BEC Attacks
BEC claims saw a 23% increase in severity from 2023 to 2024, with an average loss of $35,000. The report attributes this rise to higher costs in legal expenses, incident response, and data recovery efforts.
Meanwhile, the severity of FTF claims dropped by 46%, with the average loss falling to $185,000 from a record high of $340,000 in 2023. Researchers believe this decline is due to changes in how financial institutions handle large transactions, such as holding them for longer periods.
Despite the drop in FTF severity, the report highlighted the volatility of these incidents. In one case in late 2024, a $9.3 million fraudulent transfer was successfully recovered by Coalition.
Social Engineering Fuels BEC and FTF Scams
Both BEC and FTF scams rely heavily on social engineering, where attackers impersonate trusted individuals or organizations to deceive victims into transferring funds or revealing sensitive data. The FBI has reported BEC incidents in all 50 U.S. states and 186 countries, with global losses exceeding $55 million in 2023 alone.
The rise of AI tools and deepfake technology is making these scams more sophisticated, with attackers using more convincing phishing messages and realistic video/audio impersonations to trick victims.
Ransomware Attacks Decline
Ransomware attacks, although still highly damaging, saw a 3% decrease in frequency, with ransom demands dropping by 22% year-over-year to $1.1 million. In the second half of 2024, the average ransom demand even fell below $1 million for the first time in two years.
Akira ransomware was the most commonly reported variant, followed by Play, MedusaLocker, RansomHub, and Fog.
Cyber Insurance Trends and the Role of AI
The Coalition report comes amid growing challenges in the cyber insurance sector, as clients face increasingly sophisticated attacks. Fortune Business Insights predicts the global cyber insurance market will grow from $20.88 billion in 2024 to $120.47 billion by 2032.
To address these challenges, companies are developing tools to help organizations access and understand cyber insurance coverage. Cork Protection recently introduced an AI tool for analyzing insurance policies, while Todyl partnered with Spectra to simplify the certification and coverage process for Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs).
Cybersecurity experts emphasize the importance of email filtering systems that can detect malicious attachments and links. Jack Gold, principal analyst at J. Gold Associates, added that training employees to recognize phishing attempts is crucial for mitigating risks.
