Design Highlights
- Email fraud, particularly BEC scams, accounted for 15% of all cyber insurance claims in 2022, highlighting its prevalence.
- Phishing attacks serve as the foundation of email fraud, affecting a significant 83% of companies in 2021.
- The average claim for BEC scams is approximately $98,000, making it a frequent and costly issue for businesses.
- Small businesses represent 56% of email fraud claims, indicating vulnerability across various sectors.
- While ransomware claims are higher in value, email fraud occurs more frequently, leading to increased insured claims.
In the wild west of the digital age, email fraud is the outlaw that just won’t go away. It’s a sticky, pesky problem that keeps rearing its ugly head, and businesses are feeling the burn. In 2022 alone, Business Email Compromise (BEC) scams accounted for 1,153 claims, making up 15% of all cyber insurance claims. That’s right, folks—15%.
In the wild west of the digital age, email fraud is the relentless outlaw, leaving businesses reeling from its chaos.
And while ransomware is the big bad wolf of the cyber world, email fraud is the sneaky little critter that’s causing more chaos on a claim frequency level.
Let’s talk numbers. BEC scams average about $98,000 per claim, while good old-fashioned wire transfer fraud—often linked to these scams—comes in at a whopping $171,000. That’s some serious cash disappearing into the ether, and businesses are scrambling to cover their losses.
In fact, 62% of firms had cyber insurance in 2025, up from 49% the previous year. But many are still underinsured. A mere 19% of organizations have coverage beyond $600,000, leaving them vulnerable when fraud strikes. Much like health insurance plans, once businesses hit their out-of-pocket maximums, their cyber policies can cover 100% of remaining eligible losses within the policy year.
Here’s a kicker: phishing attacks are the bread and butter of email fraud. In 2021, 83% of companies were affected by phishing. And it’s not slowing down. Phishing emails spiked by 17.3% from September 2024 to February 2025. This rise in phishing incidents emphasizes the need for cyber insurance as a critical part of a company’s risk management strategy. In addition, 60-70% of large corporations are now recognizing the importance of comprehensive coverage in their cybersecurity strategies.
It’s like a bad horror movie—just when you think it’s over, it comes back for another round. Meanwhile, ransomware, which accounts for 29% of all cyber claims, is still the heavyweight champion regarding claim value, averaging $631,000. Yet, email fraud is sneaky; it’s simply more frequent.
Small businesses, those revenue-light players, are taking the biggest hit, making up 56% of claims. And sectors like manufacturing, healthcare, and IT? They’re getting hit hard.
Yet, despite all the chaos, only 24% of first-party claims had exclusions. Companies are realizing they need coverage, but the landscape is still fraught with pitfalls.
