Don’t Fall for the Call

/in ,

Don't Fall for the Call

IT support scams are back and on the rise. Over the past few weeks, the reports of vendor phone calls and emails claiming to contact people about suspicious activity in their accounts have skyrocketed.  

Do Not Fall for the Scam

Google, and Microsoft, will NEVER call your or email you to start a service or support call.  Let me repeat that, but this time in bold. Google, and Microsoft, will NEVER call your or email you to start a service or support call.

Some of these calls and emails attempt to get you to enter your username and password into a fake web page. 

Many of these attacks request the multi-factor authentication (MFA) code. The attackers initiate a password reset. If given the MFA code, they access the account and can change credentials, access other services, and exfiltrate information.

It is more difficult to spot fake landing and sign in pages

While historically easy to spot, attackers use generative AI to create sophisticated fake login pages. 

Attackers are also using legitimate landing page, marketing, or document tools. The link in the email may open a validly hosted page or document with instructions and another link that, in turn, takes you to the fake login page. 

As the hackers take you through a legitimate service, as a pass-through, you may be less likely to notice that the page asking for your credentials is fake. This method is also more difficult to combat since the pass-through may require valid credentials for access.

Steps You Can Take

You can take a few simple steps to prevent these types of attacks from successfully damaging your business.

  • Education – Inform and educate your team about current and emerging cyber attack methods, what to look for, and how to handle suspicious activity.  Cyber Awareness Training, if well managed, is an affordable means to keep security top of mind.
  • Advanced Email Threat Protection – Email threat protection focused on sender domains, links, and attachments is not enough. Attackers use masking, images, and QR codes beyond the capabilities of many email protection services. Upgrading to a more robust service will provide better protections. Solutions that provide banners and “one-click response” better empower users to flag and manage suspect messages.

We Will Help

Our Cloud Advisors are here to assist. We will:

  • Assess your current security profile and protections
  • Prioritize options and recommendations for security improvements
  • Help you plan and budget for any changes
  • Deploy and co-manage your security solutions to keep you protected.

Schedule time with one of our Cloud Advisors now to begin your security review and improvements.

About the Author

Bill Seybolt bio pictureBill is a Senior Cloud Advisor responsible for helping small and midsize organizations with cloud forward solutions that meet their business needs, priorities, and budgets. Bill works with executives, leaders, and team members to understand workflows, identify strategic goals and tactical requirements, and design solutions and implementation phases. Having helped over 200 organizations successfully adopt cloud solutions, his expertise and working style ensure a comfortable experience effective change management.

Sustainability: Our Next Milestone

/in

ReforestationIn January 2025, Cumulus Global expanded its sustainability program to help offset the carbon footprint of our offices and operations.  In partnership with Evertreen, we fund the planting of 100 trees per month.

Over 1,500 Tonnes of CO2 Offset

With over 2,300 trees in 7 countries on 3 continents, our current forest offsets the electrical use of more than 975 households.

In addition to the climate benefits, our forest is producing food, reducing soil erosion, protecting watersheds, and providing local jobs.

As an IT firm, planting trees to offset our carbon footprint is part of an overall commitment to sustainability that includes using 100% renewable energy, reuse, and recycling.

We Can Help You Do More

One of the best ways to improve sustainability is to recycle electronic waste (e-waste). E-waste recycling has challenges, including but not limited to, finding reputable recyclers and cost.

Our Basic and Business Managed Cloud Services include lifecycle management for your computer with unlimited, no-cost, e-waste recycling. We provide a prepaid label. Just box up the items and drop them off at your local post office. As an added bonus, our IT asset disposal partners partner with Veritree to plant trees with every recycling order.

Call to Action:

For more information about our Managed Cloud Services, please contact us or schedule time with one of our Cloud Advisors

About the Author

Allen Falcon is the co-founder and CEO of Cumulus Global.  Allen co-founded Cumulus Global in 2006 to offer small businesses enterprise-grade email security and compliance using emerging cloud solutions. He has led the company’s growth into a managed cloud service provider with over 1,000 customers throughout North America. Starting his first business at age 12, Allen is a serial entrepreneur. He has launched strategic IT consulting, software, and service companies. An advocate for small and midsize businesses, Allen served on the board of the former Smaller Business Association of New England, local economic development committees, and industry advisory boards.

5 Cyber Threat Trends You Should Know

/in , ,

5 Security Cyber Threats You Should Know

Earlier this week, we shared CrowdStrike’s 2025 Global Threat Report which identified five (5) cyber threat trends that you should know. While cyber-fatigue is real, understanding the threat landscape helps you assess your risks and security posture and make informed decisions on how to prioritize security-related spending and investment.

5 Cyber Threat Trends

Here are the 5 cyber threat trends you should know.

1 China on the Rise

Cyber attacks originating in China – both nation-state and organized crime – jumped 130% over the prior 12 months. At the enterprise-level, China-nexus attackers focus on telecommunication systems. For most businesses, the increase in attacks on unmanaged devices should be of concern. 

Unmanaged devices lack detection and response capabilities that allow attackers to lurk, monitor, and capture credentials for greater access to your systems, applications, and data.

2 Hands-On-Keyboard Attacks are Making a Comeback

The best way for cyber attackers to avoid modern malware protection, such next-gen endpoint protection and managed detection and response (MDR) services, is for the attacker or a surrogate to use the keyboard. These manual, interactive attacks are up 27% over the prior year.

We may imagine hands–on-keyboard attacks as movie-like scenarios of corporate spies posing as custodians sneaking onto computers while avoiding the security guards making their rounds. In reality, the hands-on-attack may be your employee responding to somebody they think is IT support or a vendor helping them solve a problem.

3 Rapid Ransomware Reach

The speed at which cyber attackers can launch ransomware attacks after an initial breach is accelerating. From breach to spread, attacks are up to 32% faster than previously known.

This speed gives cybersecurity systems less time to identify behaviors and patterns that identify the cyber attack, weakening the effectiveness of the protections.

4 AI for Evil

With the help of AI, certain types of cyber attacks have jumped 220% over the prior year. Cyber attackers are using generative artificial intelligence (Gen AI) technologies to power more-effective attacks.  

Using GenAI, attackers create more realistic fakes – emails, documents, phone calls, and videos – to trigger responses and reactions that enable and facilitate access and breaches.

At the same time, cyber attackers are using security vulnerabilities in the platforms and tools businesses use to build AI agents, just as they use vulnerabilities in web, application, and office productivity platforms.

5 Cloud Attacks Gain Altitude

Cloud intrusions – successful cyber attacks on cloud systems and services – jumped 136% during the first half of 2025 compared to all of 2024. These attacks vector through compromised identities, improper security configurations, API vulnerabilities, lax security and permissions governance.

Steps You Can Take

To ensure your security footprint protects your business appropriately:

  • Conduct IT and Security Assessments that benchmark your security posture.
  • Prioritize your risks based on the nature and size of your business, industry standards and expectations, and regulatory requirements.
  • Level our Security CPR® model and managed services to plan, prioritize, and implement appropriate security and business resilience solutions that:
    • Address your prioritized risks as your budget allows
    • Protect from the most common and the most damaging/costly types of attacks.

We Will Help

Plan Now; Act Soon. Our Cloud Advisors are here to assist. We will:

  • Review your current systems and services and prioritize your risks. 
  • Help you prioritize, plan, and budget for security changes and improvements that may be necessary or preferred
  • Deploy and co-manage your security solutions to keep you protected.

Schedule time with one of our Cloud Advisors now to begin your security review and improvements.

About the Author

Allen Falcon is the co-founder and CEO of Cumulus Global.  Allen co-founded Cumulus Global in 2006 to offer small businesses enterprise-grade email security and compliance using emerging cloud solutions. He has led the company’s growth into a managed cloud service provider with over 1,000 customers throughout North America.

Major Google for Education Licensing and Price Changes

/in , ,

Google for Education Logo

As you are hopefully aware, Google announced major changes to both licensing and pricing for paid Google for Education editions

These changes will impact most schools after February 1, 2026, and will affect some schools as soon as October 1, 2025.  Depending on your annual renewal date, your district may experience a significant increase in Fiscal 2026 over current budgeted amounts.

The following are the licensing changes, pricing changes, and timing for the changes. We are also sharing our general recommendations based on your current subscription and plan.

Licensing Changes

  • Google is eliminating licensing that differentiates between students (full and part time) and faculty/staff. 
    • All users will require the same license(s)
    • You will no longer receive a staff license at no cost for every four (4) student licenses.
    • Every active user must be assigned an Education Fundamentals license
  • Education Standard and Education Plus subscriptions are designed and intended to cover all active users, not just a subset. 
    • Partial domain licensing is no longer possible, with few exceptions.
  • If you subscribe to either Standard or Plus, you must:
    • Purchase enough paid licenses to cover every user with an Education Fundamentals license
    • Ensure that all users with an Education Fundamentals license have an assigned paid license
  • Google is enforcing a minimum purchase requirement for paid licenses of 50 seats.
    • If your school has fewer than 50 faculty/staff and students, you must purchase 50 Education Standard or Education Plus licenses.

Pricing Changes

Google is increasing Google for Education pricing as follows. Note that subscriptions that were licensed and paid per-student will now be per-user, inclusive of students and faculty/staff.

Education Standard

  • Price remains at $3 per user per year.

Education Plus

  • Price increases from $5 to $6 per user per year
  • If subscription cost increases more than 10%, you may be eligible for a 1-year 10% discount on your license fees
  • Discounts are available with multi-year contracts

Teaching and Learning add-on

  • Price increases from $48 to $60 per user per year for Annual/Fixed Term Plan Subscriptions
  • Flexible Plan subscriptions increase from $4.80 to $6 per month

Timing of Changes

License and pricing changes start as early as October 1, 2025, for new all subscriptions and existing Flexible Plan subscriptions.  The changes take effect beginning February 1, 2026, for all existing Annual/Fixed Term Plan subscriptions.

New Purchases

  • For new Education Standard and Plus purchases, the new pricing takes effect as of October 1, 2025. The new pricing is for both Flexible (monthly) Plans and Annual/Fixed Term Plans (1+ year commitment with annual or monthly payments).

All Flexible Plan Subscriptions

  • If you are on Flexible Plan (monthly) subscription, the new pricing begins as of October 1, 2025.

Annual Plan Subscription Renewals

  • If you are on an Annual Plan Subscription, the price increase takes effect with your next annual renewal, on our after February 1, 2026.  As such:
    • If your renewal is before February 1, 2026, you may renew with the current licensing and pricing for one (1) year only.  Any renewal for multiple years will use the new licensing structure and pricing.
    • If your renewal is on or after February 1, 2026, your subscription will move to the new licensing and pricing structure upon renewal.
  • Please note that 
    • If your renewal is after February 1, 2026 and within your current fiscal year, your new cost may not be fully budgeted if your budget was finalized before considering the new licensing and pricing structure.
    • If you are renewing Education Plus and see a cost increase of more than 10%, Google will authorize a 10% discount for the first year of your renewal.

Annual Plan Subscription Upgrades

  • If you are using Education Standard, you can upgrade to Education Plus using the current licensing structure and pricing until January 31, 2026.  This includes mid-term upgrades that change your renewal date.
  • As of February 1, 2026, upgrading from Education Standard to Plus will move you to the new licensing structure and pricing even if the upgrade is prior to your renewal date.

Downgrades

  • If you choose to downgrade from Education Plus to the Teaching and Learning add-on, the new licensing and pricing takes effect October 1, 2025.

Our Recommendations

Depending on your current Google for Education subscription and plan, we recommend you consider the following:

New Education Standard and Education Plus Subscriptions

  • Schools planning to add Education Standard or Education Plus should do so with an Annual Plan commitment before September 30, 2025. 
  • This will provide first year savings over the new licensing and pricing structure and provide you with the ability to properly budget for FY2027.

Current Education Plus Subscriptions

  • Consider a multi-year commitment with possible discounts.
  • Evaluate your usage and determine if downgrading to Education Fundamentals and using the Teaching and Learning add-on is appropriate.

Upgrading from Education Standard to Education Plus

  • Schools planning this upgrade should do so with an Annual Plan commitment before September 30, 2025.
  • This will postpone the price increase and will provide a year savings over the new licensing and pricing structure and provide you with the ability to properly budget for FY2027.

Flexible Plans

  • Assess the stability of your user counts and, if feasible, move from your monthly plan to an Annual Plan prior to September 30, 2025. 
  • This will lock in current licensing and pricing for the first year and give you the opportunity to budget for increasing costs in the future.

We Will Help

Plan Now; Act Soon.  As with any major change, we expect you will have questions and that you may need to reassess your budget.  With the first deadline approaching October 1st, you have limited time to make decisions.  

Our Cloud Advisors are here to assist. We can review your current subscription, discuss your options, and help secure the initial year and multi-year discounts.

Please schedule time with one of our Cloud Advisors for assistance.

About the Author

Bill Seybolt bio pictureBill is a Senior Cloud Advisor responsible for helping small and midsize organizations with cloud forward solutions that meet their business needs, priorities, and budgets. Bill works with executives, leaders, and team members to understand workflows, identify strategic goals and tactical requirements, and design solutions and implementation phases. Having helped over 200 organizations successfully adopt cloud solutions, his expertise and working style ensure a comfortable experience effective change management.