Hello all. I work at a small company that has been routinely targeted by phishing emails that appear to be from our CEO. They are extremely amateur emails, but what shocks me is that we have examples of targeted email accounts that were created only 2-3 weeks beforehand. I don’t understand how these accounts could get out in the wild so quickly. They are usually staff level employees, and there are no email addresses posted on our external web site. Any ideas?