In 2023, email-based fraud [1] [3] [4], specifically funds transfer fraud (FTF) and business email compromise (BEC) [2] [4] [5], dominated cyber insurance claims [1] [4].


FTF claims increased by 15% annually [3], resulting in an average loss of over $278,000. BEC claims rose by 5% [3], with a 15% decrease in claim amounts. Ransomware claims accounted for 19% of total claims, with an average loss exceeding $263,000 [3] [4]. Overall, claims surged by 13% year-on-year [3], with losses averaging $100,000 per claim. The 2024 Cyber Claims Report by Coalition highlighted a 13% increase in overall claims frequency and a 10% increase in severity year-over-year [4], with businesses in the $25 million to $100 million revenue range experiencing the sharpest spike [4]. Ransomware payments globally reached $1 billion [4], but Coalition reported a 54% drop in ransomware severity [4]. Coalition also assisted policyholders in negotiating ransom demands down by an average of 64% when necessary [4]. In 2023, 56% of all claims were attributed to FTF or BEC, underscoring the importance of email security in cyber risk management [2] [4]. The report also identified increased risks for organizations using certain boundary devices [2], such as firewalls and virtual private networks [2], with businesses using internet-exposed Cisco ASA and Fortinet devices being more susceptible to claims [2]. Additionally, policyholders using internet-exposed remote desktop protocol were found to be 2.5 times more likely to experience a claim [2]. Both FTF frequency and severity, as well as BEC frequency, increased during the year.


The rise in email-based fraud highlights the critical need for enhanced email security measures. Businesses must prioritize cybersecurity to mitigate risks and protect against financial losses. The findings of the report underscore the evolving nature of cyber threats and the importance of proactive risk management strategies in the digital age.