BEC and Fund Transfer Fraud Top Insurance Claims

More than half (53%) of all insurance claims in 2023 were the result of email-based fraud, according to Coalition.

The insurer analyzed claims data for the year to produce its 2024 Cyber Claims Report. It revealed that business email compromise (BEC) and funds transfer fraud (FTF) were the top two events leading to customer claims in the period, accounting for 28% of the total. By contrast, ransomware accounted for 19%.

The number of FTF claims increased by 15% annually and the total amount claimed went up 24%, to an average loss of more than $278,000. BEC claims surged by 5% but claim amounts decreased 15% over the period.

There were far fewer claims for ransomware, which accounted for 19% of the total received by Coalition in 2023. However, their frequency was also up in 2023, by 15%, and the severity of claims increased 28% to an average loss of more than $263,000.


Overall in 2023, claims surged by 13% year-on-year (YoY) and losses increased 10% to an average of $100,000 per claim. Larger businesses of $25m to $100m in revenue saw the biggest YoY spike in claims frequency (32%).

The report also revealed that organizations using boundary devices such as firewalls and virtual private networks (VPNs) are increasingly being compromised through vulnerability exploitation.

Coalition claimed policyholders with internet-exposed Cisco ASA devices were nearly five times more likely to experience a claim in 2023, and those with exposed Fortinet devices were twice as likely to experience a claim.

The firm has also been unequivocal in its treatment of Ivanti customers, given the vendor’s own problems with device exploitation.

“Exploitation of Ivanti devices has long resulted in numerous claims across the cyber-insurance industry, and we’ve long declined to offer coverage to organizations using vulnerable Ivanti appliances without appropriate mitigating controls,” said Coalition CEO Josh Motta in a recent LinkedIn post.

“We also found that policyholders using internet-exposed remote desktop protocol were 2.5 times more likely to experience a claim,” said Shelley Ma, incident response lead at Coalition affiliate, Coalition Incident Response.

“This new insight comes following Coalition’s Security Labs researchers’ discovery of a 59% increase in unique IP addresses scanning for open remote desktop protocol throughout last year.”
