Global Cyber Threat Report Highlights Surge in Financial Fraud and Ransomware
In 2025, business email compromise (BEC) and funds transfer fraud (FTF) will be the most common cyberattacks, accounting for the majority of cyber insurance claims. Rising ransomware threats, VPN weaknesses and social engineering attacks emphasize the critical need for more robust cybersecurity defense.
Tech Author
Cybersecurity threats continue to arise around the world, and a recent survey reveals that businesses are being targeted more than ever. According to Coalition data, Business Email Compromise (BEC) and Funds Transfer Fraud (FTF) include 58% of all cyber insurance claims in 2025. This demonstrates how scammers are focusing on financial schemes rather than technical threats.
BEC was the most common cyberattack, responsible for 31% of all claims. In this form of attack, hackers deceive employees by sending fraudulent emails that appear to be from reputable sources such as corporate executives or vendors. Despite a rise in the number of attacks, the average financial damage has decreased to $27,000 due to companies rapid identification and reaction.
FTF accounted for 27% of claims, with the majority of attacks using social engineering approaches. In these, attackers impersonate trusted individuals and convince employees to send funds. A significant number of these attacks were tied to BEC, in which hackers first gained access to email accounts before manipulating bank transactions.
In fact, BEC was involved in more than half of FTF cases, showing how these two threats are closely connected. Organizations also managed to recover $21.8 million in stolen funds, highlighting improvements in fraud response systems.
Ransomware attacks represented 21% of total claims. While the number of occurrences remained steady, the average ransom demand exceeded $1 million, with some cases reaching up to $16 million. However, many companies declined to pay the ransom, and those who did frequently negotiated much reduced amounts. Dual extortion is a growing form of theft in which attackers lock computers while also stealing data. This form of attack puts more pressure on victims and results in greater financial losses.
The report also highlights that VPN systems are a major target for attackers, especially when exposed to the internet. Companies with exposed VPN or remote desktop access are more likely to face cyberattacks. Hackers often use these entry points to gain initial access to company networks and move deeper into systems. Using strong passwords, enabling multi-factor authentication (MFA), and limiting public access can significantly reduce these risks.
Overall, the report shows that while cyber threats are evolving, better detection, faster response, and stronger security practices are helping businesses reduce the impact of attacks. Companies are now focusing more on proactive cybersecurity measures rather than reacting after an incident occurs. Investing in employee awareness, advanced security tools, and regular monitoring can further strengthen protection against modern cyber threats.
This article is based on information from Help Net Security
