Spam

Spam email, is unsolicited bulk messages sent via email. A subset of spam is called bulk or junk email, which involves sending nearly identical messages sent to numerous recipients by email. Approximately 93% of email sent to the @nuigalway.ie domain is Spam and blocked by Office 365 or Exchange Online Protection (EOP). That said, some spam mail still filters through to our domain, and being vigilant to this is of utmost importance.

Office 365 Anti-Spam and Anti-Malware Protection

Office 365 email messages are automatically protected against spam and malware filtering through Microsoft Exchange. For more details visit the Microsoft Website.

What if I Get a Request for Personal Information

You should never respond to unsolicited emails requesting personal information.

Phishing

Phishing is an attempt to fraudulently acquire sensitive information, such as username, password and banking details, by masquerading as a trustworthy organisation or individual in an email message.

How Can I Protect Against Phishing Messages

Be suspicious of any email with requests for personal information. Information Solutions and Services will never send an email asking you to provide us with your password by email.

What Should I do if I Receive a Fraudulent Email

  1. Do not click any links 
  2. Do not open any attachments  
  3. Do not enter any personal details on the fraudulent email or website 
  4. Report the ’phishing’ email to the Service Desk
  5. Delete the email.

What if I Responded and Gave my Username and Password

You should change your email password immediately.  Report the ’phishing’ email to the Service Desk. As your account was compromised you will likely start receiving a large amount of SPAM emails.  Do not open/reply to any of these emails.  Delete these emails.

What do ISS do in Response to Phished Email Accounts

When ISS are alerted to an account generating large amounts of outbound email, it is usually due to SPAM email. In such instances, ISS will:

  1. Reset the password on your account
  2. Log on to the account and check the rules. If there is a rule to move all messages as they arrive into deleted Items, we will delete the rule.  Usually the SPAMMer creates a rule to move all mail to the deleted items as they arrive. This usually delays the users awareness that their account has been compromised and the problem usually reported is that they are not receiving new mail.
  3. Create a new rule to move bounced SPAM to the deleted items folder. This might be based on the subject line.
  4. ISS will ring (if your telephone number is available) and inform you of your new password and the new rule created on your account
  5. A large amount of outbound SPAM emails can sometimes lead to nuigalway.ie emails being blacklisted, depending on the extent of the volume of SPAM.  ISS will follow up with individual service providers to get the block removed.  It can take up to 24 hours for external service providers to remove a block on nuigalway.ie emails

Share Responsibility for Protecting our Community at NUI Galway

It is not uncommon for students and staff to receive fraudulent messages purporting to be from the NUI Galway "Technical Upgrade Team" or “IT SERVICE webteam” asking for email login details. To see more examples of typical emails received by NUIG click

We are all becoming increasingly familiar with the need to protect ourselves against malicious and fraudulent attempts to get us to disclose personal information. Many of you will be familiar with this through your use of Internet banking. Typically, the fraudsters objective is to use the University's IT resources to send out Spam on a large scale. On occasion, fraudsters may succeed in their attempts.

Despite our best efforts and significant technology investment we cannot guarantee to intercept and block all such messages in future. We have to ask you to share responsibility for protecting our community.

You should be aware of the following key principles:

  1. At work and outside work, you should never ever respond to unsolicited emails requesting personal information such as your bank details, your date of birth, or your computer login credentials. 

  2. Remember that Information Solutions and Services will never send you an email asking for your computer password. 

  3. Any "All Staff" email sent by Information Solutions and Services will always be signed off with the name and position of an Information Solutions and Services manager. If you don't know the person or their position then check them out on our website.

  4. In future, we will introduce messages from Information Solutions and Services with the words: "Information Solutions and Services / Réitigh agus Seirbhísí Faisnéise". If the message doesn't have this heading then don't trust it. 

Online Security Training

To find out more about Online Security visit our Online Security Training webpage

Report Phishing

If you think that you have received a phishing email you can report it by forwarding the email to phishing@nuigalway.ie and our IT team can take the appropriate steps in blocking the email. 

Spoofing

Spoofing is the creation of email messages with a forged sender address. It is common for spam and phishing emails to use spoofing to mislead intended recipients about the actual origin of the message.

How Can I Protect Against Spoofing Messages

Unfortunately, it is very difficult to protect against spoofing email addresses. We can however be vigilant and know what to look for.

What to Look For

Below is a classic example of a spoofed email address.

  1. We see the 'Display Name' of the Email Address. Spoofers will edit the display name of the mail account to make it look like a standard user name.
  2. However we see the actual sending email address beside to the display name. The email will generally not match to that of the Display Name, as the spoofers are hoping that you will not notice the email address, and focus attention on the spoofed display name instead. In this example, the email is clearly suspicious, so care should be taken.

There are common sense measure we can take here to protect against spoofing emails. If you recieve an email, always ensure that the Display Name and the Email Address match. If they are entirely different, then you should be cautious. As noted, spoofing is generally done to phish information from another user. It is therefore a good idea to be wary of any unusual sounding requests for information from someone purporting to be a known colleague / user.

Can I Confirm an Email I Received is a Spoofing Email

It is possible to check the message header of any email you recieve, which will give you an indication of whether an email you have received is spoofed.

  1. View the Message Header from an email you suspect to be a spoofing email. See the Microsoft site here for instructions on how to view message headers
  2. Go to the Microsoft Remote Connectivity Analyser website and click on the 'Message Analyzer' tab
  3. Paste the full message header into the 'Insert the message header you would like to analyse' field and click 'Analyse headers'
  4. The email headers are broken down into specific fields, and basic information on the email origins are revealed. Specifically, look at Field 9 under 'Other headers'. The display name and email address should match.

Keep in mind, if you are ever in doubt as to the authenticity of an email, you should always report it to the ISS Service Desk or forward the email to phishing@nuigalway.ie and our IT team can analyse the mail and take the appropriate steps to block it if required.

If you have responded to an email or clicked on any of the links and provided login details or any other personal details, follow the steps below as soon as possible.

If you have given out your Campus Account Credentials 

  • Change your password immediately through CASS

  • Contact the Service Desk and report the phishing/Spam email

  • Log on to your email account and check the rules. If there is a rule to move all messages as they arrive into Deleted Items, delete the rule.  
    It is common for compromised accounts to have this rule added as a result of a spam attack making the user think that they are getting no mail. This is done to delay the time that the user will check their account and notice that their account was hacked. 
  • Create a new rule to move bounced SPAM to the deleted items folder. This might be based on the subject line.

A large number of outbound SPAM emails can sometimes lead to nuigalway.ie emails being blacklisted, depending on the extent of the volume of SPAM. If your account becomes locked due to it be being hacked ISS will follow up with individuals to help them regain access. 
ISS will follow up with individual service providers to get the block removed.  It can take up to 24 hours for external service providers to remove the block on nuigalway.ie emails 

If you have given out your Bank Account Details 

Contact your bank directly. Do not follow the link in the fraudulent email message

  • Call the bank’s hot line, usually printed on the back of your bank card, and report the incident
  • Routinely review your bank and credit card statements monthly for unexplained charges or inquiries that you didn't initiate.

How To Spot Phishing Emails

How To Spot Phishing Emails

You can protect yourself and others by learning how to spot and recognise fraudulent emails.

Learn More