Introduction
Fraud in cyber insurance claims is a growing concern, with financial fraud and ransomware attacks being particularly prevalent and costly. This report highlights the trends and impacts of these cyber threats, as well as the sectors most affected and the strategies for effective risk management.
Description
Fraud is a significant concern in cyber insurance claims [1], with financial fraud being the second most common type of cyber attack leading to claims and the most costly [1], according to At-Bay’s 2025 InsurSec Report [1] [2]. Phishing [2], a leading cause of financial scams [2], is responsible for the majority of these claims [2], as threat actors increasingly employ tactics such as compromised email chains and spoofed invoice requests to deceive employees into executing fraudulent transfers [2]. In 2024 [1], there was a 16% increase in claims compared to the previous year [1], although the average cost per incident decreased to $166,000 from $213,000 in 2021 [1]. Ransomware remains the most expensive type of claim [1], averaging $468,000 per incident [1], while damages from ransomware attacks targeting third parties resulted in an average claim of $241,000 [1], marking a 72% increase since 2023 [1].
The manufacturing sector experienced nearly double the frequency of ransomware claims compared to the overall average [1], attributed to security technology choices and culture rather than specific events [1]. The US Healthcare sector faced the most damaging incidents in 2024 [1], alongside disruptions caused by a self-inflicted outage at cybersecurity firm CrowdStrike [1], affecting many of their clients [1].
Effective risk management strategies include implementing endpoint detection and response (EDR) systems and having a dedicated team of security experts to monitor and respond to incidents [1]. The data indicates that technology choices and the vulnerability of third parties in the corporate supply chain significantly impact cyber risk [1].
Conclusion
The increasing prevalence and cost of cyber fraud and ransomware attacks underscore the critical need for robust risk management strategies. Organizations must prioritize the implementation of advanced security technologies and foster a culture of cybersecurity awareness. As cyber threats continue to evolve, staying ahead of these risks will be essential for minimizing financial losses and ensuring the resilience of affected sectors.
References
[1] https://www.cybersecurityintelligence.com/blog/fraud-is-dominating-cyber-insurance-claims-8373.html
[2] https://foresiet.com/blog/third-party-breaches-and-cyber-insurance-in-2025
