Email-Based Cyberattacks Dominate 2024 Claims, Outpacing Ransomware in Frequency
A new report from San Francisco-based Coalition Insurance reveals that business email compromise (BEC) and funds transfer fraud (FTF) accounted for 60% of cyber insurance claims in 2024—far surpassing ransomware as the most common threat. While ransomware remained the most costly attack type, email-related incidents drove the majority of policyholder losses, with 29% of BEC attacks leading to fraudulent transfers.
The 2025 Cyber Claims Report, released this month, highlights a 23% increase in BEC severity year-over-year, with average losses rising to $35,000 per incident. Legal fees, incident response costs, and recovery efforts contributed to the spike. Meanwhile, FTF claims saw a 46% drop in severity, averaging $185,000 per case—down from a record $340,000 in 2023—as financial institutions improved fraud detection, flagging large transactions for review. Despite the decline, FTF losses remain volatile, with one 2024 case involving a $9.3 million fraudulent transfer that was later recovered.
Coalition successfully recovered $31 million in stolen funds for clients in 2024, averaging $278,000 per case. The report underscores the role of social engineering in these attacks, with threat actors using AI-enhanced phishing and deepfake audio/video to impersonate executives or trusted entities. The FBI reported that BEC scams in 2023 affected all 50 U.S. states and 186 countries, with losses exceeding $55 million.
While ransomware frequency declined by 3%, it remained the most damaging attack type, with average demands dropping 22% to $1.1 million—the first time in two years they fell below seven figures. Akira was the most prevalent ransomware variant, followed by Play, MedusaLocker, RansomHub, and Fog.
The cyber insurance market continues to evolve amid rising threats, with global spending projected to grow from $20.88 billion in 2023 to $120.47 billion by 2032. Insurers and cybersecurity firms are introducing AI-driven tools to streamline policy analysis and risk assessment, aiming to improve access and clarity for businesses.
Source: https://www.msspalert.com/news/bec-ftf-scams-drove-cyber-insurance-claims-coalition-says
FBI Cyber Division cybersecurity rating report: https://www.rankiteo.com/company/fbicyber
Coalition Space - Office Space, Coworking, HQ, Virtual Offices cybersecurity rating report: https://www.rankiteo.com/company/coalition
PLAYSTUDIOS ISRAEL cybersecurity rating report: https://www.rankiteo.com/company/playstudios-israel
"id": "FBICOAPLA1766711007",
"linkid": "fbicyber, coalition, playstudios-israel",
"type": "Cyber Attack",
"date": "5/2025",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of geographical region"{'affected_entities': [{'location': ['Global (50 U.S. states, 186 countries)'],
'type': ['Businesses']}],
'attack_vector': ['Email',
'Social Engineering',
'Phishing',
'AI-Enhanced Phishing',
'Deepfake'],
'date_publicly_disclosed': '2025-01',
'description': 'Coalition Insurance reported that 60% of cyber claims in 2024 '
'were related to BEC and FTF incidents, with 29% of BEC events '
'resulting in FTF. The severity of BEC attacks increased by '
'23%, with an average loss of $35,000, while FTF severity '
'dropped by 46% to an average loss of $185,000. Threat actors '
'used social engineering, AI tools, and deepfakes to enhance '
'phishing attacks. Ransomware remained the most damaging '
'attack type, though its frequency and ransom demands '
'decreased.',
'impact': {'financial_loss': ['$35,000 (average BEC loss)',
'$185,000 (average FTF loss)',
'$9.3 million (single FTF incident recovered)',
'$31 million (total recovered in 2024)'],
'operational_impact': ['Legal expenses',
'Incident response costs',
'Data mining',
'Notifications',
'Mitigation and recovery efforts']},
'lessons_learned': 'Email attacks remain a major vector due to their ease of '
'execution and effectiveness. AI and deepfakes are '
'increasingly used to enhance phishing attacks. Financial '
'institutions are improving fraud detection for large '
'transactions, reducing FTF severity. Cyber insurance and '
'risk management tools are evolving to simplify access and '
'understanding for businesses.',
'motivation': ['Financial Gain'],
'post_incident_analysis': {'corrective_actions': ['Improved email filtering',
'Employee training',
'Enhanced transaction '
'monitoring',
'Adoption of cyber '
'insurance tools'],
'root_causes': ['Social engineering',
'AI-enhanced phishing',
'Lack of employee awareness',
'Insufficient transaction '
'monitoring']},
'ransomware': {'ransom_demanded': '$1.1 million (average, down 22% YoY)',
'ransomware_strain': ['Akira',
'Play',
'MedusaLocker',
'RansomHub',
'Fog']},
'recommendations': ['Use filtered email services to detect malicious files '
'and links.',
'Train employees to recognize phishing attempts.',
'Implement multi-factor authentication (MFA) for '
'financial transactions.',
'Enhance monitoring for large or suspicious transactions.',
'Leverage cyber insurance and risk management platforms '
'for better protection.'],
'references': [{'date_accessed': '2025-01',
'source': 'Coalition 2025 Cyber Claims Report'},
{'date_accessed': '2024-09',
'source': 'FBI Report on BEC Scams (2023)'},
{'source': 'MSSP Alert'},
{'source': 'Fortune Business Insights'}],
'response': {'recovery_measures': ['Fund recovery efforts ($31 million '
'recovered in 2024)'],
'third_party_assistance': ['Incident response firms']},
'title': 'Business Email Compromise (BEC) and Funds Transfer Fraud (FTF) '
'Incidents - 2024 Trends',
'type': ['Business Email Compromise (BEC)',
'Funds Transfer Fraud (FTF)',
'Ransomware']}