SAS Webmail Logon Pages

  • Faculty & Staff
  • Students & Alumni

The list below shows links to the various webmail pages for SAS students, faculty, and staff.

Students using Google@SAS
Students using Penn Live
Faculty and Staff using Facstaff Webmail
Faculty and staff using SAS Webmail
Faculty and staff using PennO365 (O365)


If you bookmark the webmail site you use, then in the future you'll be able to go to that page directly without coming here first.

IRS Phishing Scam

You may receive an email message claiming to be from the IRS. It contains two attachments (Form W-4100B2 A1.doc and Form W-4100B2A2.doc) and appears to be from "Internal Revenue Service" with an address. This is a phishing scam! Penn's Payroll department confirmed with the IRS that these messages are not legitimate. The IRS will NEVER initiate communications with taxpayers via email. Do not to reply, click on any links, or open any attachments in these messages.

Phishing Scam Alert

[image of a fishing hook]

Beware of phishing hooks

Anyone with an email account may periodically receive fraudulent messages purporting to be from a legitimate organization in an attempt to trick them into providing personal or financial information.  This practice, known as 'phishing', is increasingly common, and can be most effective when coupled with a current event (such as the deadline for filing taxes, a political election, the return to classes, etc.). One recent example attempts to entice users with the promise of a pay-raise.

Please know that Penn will never solicit your username, password or other private information (such as full or partial Social Security Number) in this manner.  If you receive an email requesting you respond back or visit a website and provide any of this sensitive information, either delete or ignore it. Individuals are encouraged to contact their Local Support Provider (LSP) for assistance in determining whether or not a message is legitimate or if they believe they may have accidentally provided data to an unauthorized party.

ISC Information Security maintains a Phishing Archive, which lists recent phish attempts targeting Penn services.  You can also check this site to get a sense of whether a
new phish has already been observed and reported to the Information Security Office:

In addition to the archive, ISC makes other resources available to combat phishing, including:
·   "SafeDNS", a service that can proactively block connections to known malicious websites,
·   Two Step Verification (two-factor) for PennKey, which protects your PennKey by requiring both a password and a code generated on your phone
·   A variety of training and awareness resources (including the offer to provide in-person presentations to groups of any size).


We want to remind you that you should NEVER disclose your password to anyone, including those presenting themselves as support providers or school officials. SAS Computing or other legitimate system administrators will never ask for your password.

If you get any message that ask you for your password, please do NOT reply or forward the message - just delete it.

If you think you already may have been deceived into disclosing your password, please fill out our help form and we will investigate (and of course you should NOT include your password in your help request).

Detailed information about email security is available from

Advice about how to avoid phishing scams is available at

Check Penn's Phishing Email Archive to see whether a suspicious email has been identified as fraudulent:

Thank you for your help in maintaining a secure computing environment at Penn.


SAS Email Support Team