Why do scammers target anti-fraud experts? Because sometimes we’re dumb too.
But in this case I didn’t fall for the two deepfake recruiters who emailed me yesterday.
However, I have some concerns about the REAL recruiters that the fraudsters were impersonating.
Deepfake recruiter 1, the Senior Vice President
The first fraudster emailed me early Tuesday morning California time:
Hi John,
I hope you’re doing well. My name is Ethan [REDACTED LAST NAME SPELLED WITH AN “E”], Senior Vice President at Aerotek, a national staffing and recruiting firm.
I’m reaching out regarding a confidential, retained search for a Senior Product Marketing Leader with a real, actively operating company in the identity verification and biometrics space. Your background in product marketing, go-to-market strategy, and competitive intelligence across identity technology firms stood out strongly during our shortlist review.
This role is ideal for leaders who drive product launches, shape competitive positioning, and accelerate growth in B2B/B2G SaaS environments.
If this aligns with what you’re exploring, I’d be happy to share the full role brief.
Best regard
Ethan [REDACTED LAST NAME SPELLED WITH AN “A”]
When a Senior Vice President can’t spell his own last name consistently, that’s a warning flag.
When said Senior Vice President emails me from ethan.aerotek.desk2@gmail.com, that’s another.
Finding the real recruiter
So because I am a Know Your Recruiter practitioner, (Adriana Linda, Kristen the guy, Amanda the guy, Randstad and Indeed people) I looked up Ethan on LinkedIn.
Turns out Ethan is a U.S. based person employed by Aerotek, with the same picture used in the Gmail account (which I guess qualifies this as a “deepfake”), but he is a Recruiter, not a Senior Vice President.
So I messaged the real Ethan on LinkedIn early Tuesday morning, reproducing the email message above and prepending it with:
Ethan, I received this from a Gmail address
Replying to the fake recruiter
Then I responded to the email from the fake Ethan:
Ethan, I have contacted you via LinkedIn. Please provide your Aerotek email address. Your client will understand.
My final comment probably went over the fake Ethan’s head, but any identity verification company would clearly understand why a candidate would insist on an Aerotek address rather than a Gmail address. Except in certain circumstances that I’ll address later.
And of course Aerotek would be very concerned about fraudsters impersonating real Aerotek employees…or so you’d think.
Back to the fake, who responded a few minutes later. Oddly enough, even though Ethan is U.S.-based, this email indicated that my reply was received in a time zone eight hours ahead of the Pacific Time Zone. Anyway, here’s the fake Ethan’s non-surprising response.
Thank you for reaching out. I’ve been experiencing some technical issues with LinkedIn this week, so I appreciate you continuing the conversation here.
This is the usual tactic employed by scammers. Stay off reputable platforms such as LinkedIn and move the conversation to another platform, in this case email. At least fake Ethan didn’t direct me to WhatsApp or Telegram.
As of Wednesday morning I left both conversations there. I didn’t reply to the fake Ethan’s latest email, and the real Ethan didn’t reply to my messsage.
And that’s a problem.
Concerns about the real recruiter
As I mentioned earlier, Aerotek obviously doesn’t want fraudsters impersonating their employees. And Aerotek employees certainly don’t want fraudsters impersonating them and lifting their facial images for fake Gmail accounts.
But the real Ethan apparently hasn’t checked his LinkedIn account in over 24 hours, and is completely unaware that a fraudster is impersonating him.
Causing damage to him and his employer.
If you’re a recruiter (or any professional) and you have a LinkedIn account, check it regularly. You don’t know what you’re missing.
But let’s move on to deepfake 2: technically not a deepfake since the fraudster only appropriated a name and not a likeness, but worrisome all the same.
Deepfake recruiter 2, the independent and invisible recruiter
The second fraudster emailed me late in the afternoon California time.
Hello John,
I hope you’re doing well.
I recently came across your background in B2B/B2G SaaS product marketing, particularly your work across identity, biometrics, and broader technology markets. Your experience driving product launches, developing go-to-market strategy, and building high-impact content and competitive intelligence frameworks really stood out.
I’m currently supporting a respected technology organization operating at the intersection of SaaS, cybersecurity, and identity, and your ability to bridge complex technical solutions with clear market positioning aligns closely with what they’re looking for.
Given your track record of both strategic thinking and execution (“ask, then act” definitely came through), I believe you could be a strong fit for this opportunity.
If you’re open to exploring, I’d be happy to share a brief overview of the role and why I feel it aligns well with your background.
Looking forward to hearing your thoughts.
Again this person emailed me from a Gmail address, consisting of the person’s name with an appended “8.”
Finding the real recruiter
So I checked out this person also, and discovered a few things.
- This is also a real person, based in Europe. So she supposedly sent this email after midnight her time.
- The real recruiter DOES have a Gmail address, but without the “8.” Why? Because the person is NOT employed by a huge recruiting firm such as Aerotek, but is a self-employed recruiting specialist. So it’s understandable that the real recruiter has a Gmail address. But as we will see, not advisable.
- Her company name is her name with the word “Consulting” appended, according to her personal LinkedIn profile.
So I messaged the real recruiter with the message “Possible scam artist” and the email address (with the “8”) that sent the message.
Replying, and not replying, to the fake recruiter
About an hour later (now well after midnight European time), I received a second email from the fake recruiter that didn’t reference my reply to the first one.
Hello John,
I hope you’re doing well.
I recently came across your background in B2B/B2G SaaS product marketing, and your work across identity, biometrics, and go-to-market strategy really stood out—particularly your experience positioning complex technologies like IAM, biometrics, and AI-driven solutions.
Your track record in product launches, competitive intelligence, and building high-impact content at scale aligns closely with what we’re currently prioritizing.
I’m supporting a respected technology organization that is expanding its product marketing leadership team, and based on your experience, you could be a strong fit—especially given your depth across both public sector (B2G) and commercial (B2B) environments.
If you’re open to exploring, I’d be happy to share a brief overview of the role and why I believe it aligns well with your background.
Looking forward to hearing your thoughts.
I didn’t bother to reply to the second email from the fake recruiter, or to notify the real recruiter of the second email.
Eventually I received a reply to my first email early Wednesday morning…oddly enough, indicating that the fake was in the Pacific Time Zone, not Europe. (Note to scammers: change your computer and software settings so that your time zone matches the time zone of the person you’re impersonating.)
Here’s how the reply began:
Thank you for your message here—and I did see your note on LinkedIn as well. Apologies for the slight delay in getting back to you, I was tied up attending to a few things earlier.
Yeah, sure you saw my LinkedIn InMail.
Anyway, forget about the scammer. Let’s look at the real recruiter.
Concerns about the real recruiter
As I mentioned, the real recruiter has a personal LinkedIn profile and a Gmail address.
And that’s it.
- I couldn’t find a LinkedIn company page for her consulting company.
- A couldn’t find a website for her consulting company.
- In fact, the ONLY reference I found to her consulting company was her personal LinkedIn page.
And that’s a problem.
The fact that she has no LinkedIn posts and no LinkedIn recommendations is another.
Now I’ll grant that many consultants get their business from word-of-mouth. Bredemarket certainly does.
But the only publicly-known way to contact THIS consultant is via email or LinkedIn InMail.
And as of now she hasn’t checked her InMail in over 12 hours.
What if she were to lose access to her LinkedIn account?
If you’re an independent recruiting consultant, own your own website, and don’t depend upon someone else’s social platform.
That’s one reason why Bredemarket offers several ways to reach me, most importantly the contact mechanisms available on my own website, free of the control of Microsoft, Meta, or any other company that could yank my access at the drop of a hat.
But there are others.
So if you have content or other needs…such as the need to create content to publicize your recruiting consultancy…why don’t you talk to me?
Bredemarket 