Spam email, is unsolicited bulk messages sent via email. A subset of spam is called bulk or junk email, which involves sending nearly identical messages sent to numerous recipients by email. Approximately 93% of email sent to the domain is Spam and blocked by Office 365 or Exchange Online Protection (EOP). That said, some spam mail still filters through to our domain, and being vigilant to this is of utmost importance.

Office 365 Anti-Spam and Anti-Malware Protection

Office 365 email messages are automatically protected against spam and malware filtering through Microsoft Exchange. For more details visit the Microsoft Website.

What if I Get a Request for Personal Information

You should never respond to unsolicited emails requesting personal information.


Phishing is an attempt to fraudulently acquire sensitive information, such as username, password and banking details, by masquerading as a trustworthy organisation or individual in an email message.

How Can I Protect Against Phishing Messages

Be suspicious of any email with requests for personal information. Information Solutions and Services will never send an email asking you to provide us with your password by email.

What Should I do if I Receive a Fraudulent Email

  1. Do not click any links 
  2. Do not open any attachments  
  3. Do not enter any personal details on the fraudulent email or website 
  4. Report the ’phishing’ email to the Service Desk
  5. Delete the email.

What if I Responded and Gave my Username and Password

You should change your email password immediately.  Report the ’phishing’ email to the Service Desk. As your account was compromised you will likely start receiving a large amount of SPAM emails.  Do not open/reply to any of these emails.  Delete these emails.

What do ISS do in Response to Phished Email Accounts

When ISS are alerted to an account generating large amounts of outbound email, it is usually due to SPAM email. In such instances, ISS will:

  1. Reset the password on your account
  2. Log on to the account and check the rules. If there is a rule to move all messages as they arrive into deleted Items, we will delete the rule.  Usually the SPAMMer creates a rule to move all mail to the deleted items as they arrive. This usually delays the users awareness that their account has been compromised and the problem usually reported is that they are not receiving new mail.
  3. Create a new rule to move bounced SPAM to the deleted items folder. This might be based on the subject line.
  4. ISS will ring (if your telephone number is available) and inform you of your new password and the new rule created on your account
  5. A large amount of outbound SPAM emails can sometimes lead to emails being blacklisted, depending on the extent of the volume of SPAM.  ISS will follow up with individual service providers to get the block removed.  It can take up to 24 hours for external service providers to remove a block on emails

Share Responsibility for Protecting our Community at NUI Galway

It is not uncommon for students and staff to receive fraudulent messages purporting to be from the NUI Galway "Technical Upgrade Team" or “IT SERVICE webteam” asking for email login details. To see more examples of typical emails received by NUIG click

We are all becoming increasingly familiar with the need to protect ourselves against malicious and fraudulent attempts to get us to disclose personal information. Many of you will be familiar with this through your use of Internet banking. Typically, the fraudsters objective is to use the University's IT resources to send out Spam on a large scale. On occasion, fraudsters may succeed in their attempts.

Despite our best efforts and significant technology investment we cannot guarantee to intercept and block all such messages in future. We have to ask you to share responsibility for protecting our community.

You should be aware of the following key principles:

  1. At work and outside work, you should never ever respond to unsolicited emails requesting personal information such as your bank details, your date of birth, or your computer login credentials. 

  2. Remember that Information Solutions and Services will never send you an email asking for your computer password. 

  3. Any "All Staff" email sent by Information Solutions and Services will always be signed off with the name and position of an Information Solutions and Services manager. If you don't know the person or their position then check them out on our website.

  4. In future, we will introduce messages from Information Solutions and Services with the words: "Information Solutions and Services / Réitigh agus Seirbhísí Faisnéise". If the message doesn't have this heading then don't trust it. 

Online Security Training

To find out more about Online Security visit our

Report Phishing

If you think that you have received a phishing email you can report it by forwarding the email to and our IT team can take the appropriate steps in blocking the email. 

How To Spot Phishing Emails

How To Spot Phishing Emails

You can protect yourself and others by learning how to spot and recognise fraudulent emails.

Learn More