Recent Cybersecurity Incident and Email Phishing Threat

Date: May 15, 2024

Subject: Recent Cybersecurity Incident and Email Phishing Threat

Due to a recent email phishing attack experienced by many organizations, including the Rural Ontario Institute, we are bringing this security incident to your immediate attention.

It has come to our notice that a deceptive email from actors outside our organization was circulated among our network using a staff email. This email contains a malicious link that falsely represents itself as affiliated with Microsoft and SharePoint and is a fraudulent attempt aimed at acquiring sensitive credentials.

If you have received this email or one similar – Do not access the link.

Here is a summary of the incident, along with our suggested response.

Incident Overview

A deceptive email was circulated, purportedly sent from This email shares a document titled “Approval Disclosure” from our SharePoint site, but it is actually a malicious attempt to acquire your Microsoft 365 login credentials.

If you have received such an email and interacted with the link by inputting your credentials, there is a possibility that your login information may have been compromised.


If you have received this email:

  • Do not interact with the link.
  • Do not disclose personal information.
  • Report the email to your IT team for investigation.
  • Mark the email as spam or junk so that future attempts may be labelled as suspicious.

If you have inadvertently clicked on the link and provided your credentials:

  • Change your password immediately.
  • Notify your IT team.

As a preventative measure, you may also consider enabling Multifactor Authentication to ensure your organization’s credentials are protected.

We have taken steps to address this security threat. Your attention and cooperation in addressing this security concern is appreciated.

Should you have any questions or concerns, please don't hesitate to contact us.