Business email compromise was the leading type of cyber incident in 2025, accounting for 31% of claims, as frequency rose but severity declined.
Funds transfer fraud, at 27%, was the second most common incident, flowed by ransomware at 21%, and “miscellaneous first-party loss” including email or domain impersonation at 17%.
Four percent of claims stemmed from third-party allegations, “as external parties sought accountability for data privacy or security failures,” according to a report Thursday from cyber insurer Coalition.
The report is based on data from more than 100,000 Coalition policyholders in the United States, Canada, the United Kingdom, Australia and Germany.
Although global claims frequency rose 3% to 1.54%, claims severity declined 19% to an average loss of $116,000 in 2025, Coalition said.
Business email compromise followed this pattern, as BEC claims frequency rose 15% to 0.47% as severity fell 28% to an average loss of $27,000.
The second most common claim type, funds transfer fraud, differed, seeing a decrease in both frequency, down 18% to 0.42%, and severity, down 14% to an average loss of $141,000.
Ransomware claims frequency in 2025 was unchanged at 0.32% as claims severity dropped 19% year-over-year to an average loss of $262,000. Coalition noted “because ransomware claims often take time to develop, we expect these figures to evolve.”
Business Insurance is a singular, authoritative news and information source for executives focused upon risk management, risk transfer and risk financing.
Never miss important news: Become a Business Insurance Online subscriber today
Copyright 2026. BUSINESS INSURANCE HOLDINGS
Business email compromise tops cyber claims: Coalition – businessinsurance.com
