Cynch founder warns small businesses are at high risk of cyber attacks

AHEAD of the annual Scam Awareness Week, cybersecurity firm Cynch Security is reminding small business owners they have the most to lose when it comes to being scammed.  Cynch Security co-founder and CEO, Susie Jones said the rapid adoption of technology to help small businesses through the global pandemic had made the risk greater.

Ms Jones said a scam attack to a small business impacted them both personally and professionally. The number of attacks on small businesses are up this year compared with last "which is due to the global pandemic and we know our clients are concerned".

“Scammers don’t discriminate on the size of your business or where you’re located. Invoicing scams and business email hacks are hurting all small businesses in regional areas and in the major cities” Ms Jones said. 

“Scammers can buy somebody’s username and password within your business from the dark web to start sending emails from your business or hack a client you work with and start impersonating them.

"They will send fake invoices to you from a vendor with new bank details and even set up forwarding rules on your emails, before you know it you’ve paid a scam invoice that you thought was for one of your real vendors or clients.”

Ms Jones said June 2020 Scamwatch data showed, for that month, 870 businesses reported a false billing scam. About 33 percent of those businesses reported the scammers contacted them via text message and 37 percent said they were contacted via email.

In June 2020 there were 1550 reports of identity theft scams and 545 reports of hacking scams where the scammer hacked someone's computer. 

At the beginning of April, Cynch spoke with Dr Nikky Gordon from Heart Health and Fitness, a Perth based exercise physiologist that specialises in helping individuals with heart conditions.

The COVID restrictions had caused a significant disruption requiring them to switch to remote, telehealth services via the adoption of a broad range of solutions.

While Dr Gordon's first priority was to implement the right services to ensure she could continue supporting her clients, she had become uncomfortable with the risk these solutions posed, namely to her client’s privacy and confidentiality.

Ms Jones said small business owners could take an online survey or enroll in a Cyber Fitness Bootcamp "to help them understand the risks and what they can do now to protect their business". 

“Many people will think their own process is safe -- password with different letters or numbers and only they know the passwords -- but it’ll come up in a data breach somewhere and their business will be compromised," she said.

"Anything easy to remember is easy to hack, even if it’s unique to you."

Cynch is an Australian-owned small-business focused on cybersecurity for small businesse, keeping in mind budget, time and resource constraints.

Ms Jones said Cynch runs cyber fitness programs that do not require any technical expertise and are designed to facilitate gradual improvement, at a price small businesses can afford. Features include continuous cyber risk assessment, plain language cyber advice, bundled products, goal setting and tracking, compliance mapping and collaboration capabilities.


Cynch has developed a range of tips to stop the scammers:

  • Protect your passwords! It comes down to poor password management so start using a password manager and enable two-factor authentication 
  • Check your digital identity by doing a quick search on Google. Check where your personal information like email and phone number are published and consider removing them if they don't need to be there.
  • Don’t get tricked! Avoid being tricked by making a call to the business you’re paying and check it to confirm before you pay the invoice
  • Don’t think it won’t happen to you! Scammers don’t discriminate on size, they can hit thousands of small businesses at the same time 
  • Get Cyber Fit! Cyber fitness is all about taking small incremental steps to improve your cybersecurity every day. First step is to understand what you have to lose and what tech you rely on. What data do you have and what is valuable?


Contact Us


PO Box 2144