Responded to a Spam Phishing Email


What if I responded and gave my username and password? 

You should change your email password immediately.  Report the ’phishing’ email to the Service Desk
As your account was compromised you will start to receive a large amount of SPAM emails.  Do not open/reply to any of these emails.  Delete these emails.

ISS Response  
When ISS are alert by an account generating large amounts of outbound email, this usually means SPAM emails

  1. ISS will reset the password on your account
  2. Log on to the account and check the rules. If there is a rule to move all messages as they arrive into Deleted Items, delete the rule.  Usually the SPAMMer creates a rule to move ALL mail to the deleted items as they arrive. This usually delays the users awareness that their account has been compromised and the problem they usually report is that they are not receiving new mail.
  3. Create a new rule to move bounced SPAM to the deleted items folder. This might be based on the subject line.
  4. ISS will ring (if your telephone number is available) and inform you of your new password and the new rule created on your account
  5. A large amount of outbound SPAM emails can sometimes lead to emails being blacklisted, depending on the extent of the volume of SPAM.  ISS will follow up with individual service providers to get the block removed.  It can take up to 24 hours for external service providers to remove the block on emails

Share Responsibility for Protecting our Community at NUI, Galway

A number of you will have received a recent fraudulent message purporting to be from the NUI Galway "Technical Upgrade Team" or “IT SERVICE webteam” asking for your email login details.

We are all becoming increasingly familiar with the need to protect ourselves against malicious and fraudulent attempts to get us to disclose personal information. Many of you will be familiar with this through your use of Internet banking. On this occasion the fraudsters' objective was to use the University's IT resources to send out Spam on a large scale.

Only a tiny handful of people in our community were unfortunate enough to be deceived by this particular message. However, even this enabled the fraudsters to obtain limited access to our resources. The gaps created have now been plugged.

Despite our best efforts and significant technology investment we cannot guarantee to intercept and block all such messages in future. We have to ask you to share responsibility for protecting our community.

You should be aware of the following key principles:

  1. At work and outside work you should never ever respond to unsolicited emails requesting personal information such as your bank details, your date of birth, or your computer login credentials. 

  2. Remember that Information Solutions and Services will never send you an email asking for your computer password. 

  3. Any "All Staff" email sent by Information Solutions and Services will always be signed off with the name and position of a Information Solutions and Services manager. If you don't know the person or their position then check them out on our website.

  4. In future we will introduce messages from Information Solutions and Services with the words: "Information Solutions and Services / Réitigh agus Seirbhísí Faisnéise". If the message doesn't have this heading then don't trust it.