Business email compromise (BEC) attacks and funds transfer fraud (FTF) accounted for 60% of cyber insurance claims in 2024, according to a new report from Coalition.
“Business email compromise is an event in which cyber criminals gain access to an organization’s email account to execute a cyber attack,” the cyber insurance provider explains.
“Attackers often leverage email access to find sensitive data, including login credentials, financials, and other private information. Once equipped with sensitive information, they can steal money, extract data for extortion, or compromise additional technologies.”
Coalition also found that the severity of BEC attacks increased by 23%, with the average loss reaching $35,000.
“BEC claims severity in the US was higher ($36,000) than the global average, while both Canada and the UK were notably lower ($22,000),” Coalition says. “The spike in BEC severity was, in part, driven by increased prices related to legal expenses, incident response firms, data mining, notifications, and other mitigation and recovery efforts.”
The report adds that business sectors with lower security awareness were more likely to fall victim to cyberattacks.
“Industries that handle sensitive financial data, personal health information, or intellectual property are often targeted by cyber criminals due to the high value of their data,” the researchers write. “Industries tied to critical infrastructure may also face heightened risks from state-sponsored attacks and ransomware campaigns that can disrupt essential operations. Meanwhile, industries with lower cybersecurity awareness may be more susceptible to opportunistic attacks, like phishing and credential theft.”
The report notes that organizations should “educate employees on threat actor tactics, learn how to spot and avoid cyber attacks with phishing simulations, and meet compliance requirements.” New-school security awareness training can give your organization an essential layer of defense against social engineering attacks. KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.
Coalition has the story.
New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your quote for KnowBe4's security awareness training and simulated phishing platform and find out how affordable this is!
