Authentic emails from the SSCC always contain the name of an SSCC staff member.

"Phishing" is the process of trying to trick you into revealing your password or other credentials by pretending to be the entity that gave out those credentials, and unfortunately it's very common. You should be immediately suspicious of any email that asks you to reply with your password or go to a web site (linked in the email) and enter your password.

Authentic emails from the SSCC always contain the name of an SSCC staff member (e.g. Ryan Horrisberger rather than "Web-mail administrator"). If you receive an email claiming to come from the SSCC that does not contain the personal name of someone who works at the SSCC, you can disregard it immediately.

Other clues that a message is a phishing attempt:

  • It contains multiple spelling and/or grammar errors (most phishing attempts appear to be written by people for whom English is a second language)
  • It refers to people and groups using generic titles ("Web mail team", "System administrator")
  • It confuses the SSCC with UW-Madison (e.g. it comes from the "Wisc.edu email team" but claims it will "upgrade" your @ssc.wisc.edu email address)

Unfortunately there's nothing that can be done to stop people from sending phishing emails. Thus there's no need to report such messages to SSCC staff—we normally get copies of the message addressed to us anyway. Feel free to just delete them.