Over the weekend a few users got a bunch of fake emails from Amazon, and some other ourdomain.com "team" that has our domain name on it (as if it's coming from the website "team" of our domain). The amazon email looked very real, and a few employees started freaking out and calling me saying their amazon account had been compromised.
I am just trying to understand how these spammers get some of our valid email addresses. I went into the exchange server management console, to message tracking, and looked at one of the amazon emails... The recipients listed in the message had about 10 emails listed. Four of them were valid emails of employees in our company, and the other 6 emails where way off track and not valid emails (although the @domain.com part was right). How did the real email addresses even get on the list? How do I protect our email accounts better so that these spammers don't know our real email accounts?
Also, in Exchange, the sender just says email@example.com. I know that is not the real address, but how do I see what the real sending address is?