Author Archives: bredemarket

Marketing and writing services.

Deepfake Recruiters and Invisible Recruiters

Why do scammers target anti-fraud experts? Because sometimes we’re dumb too.

But in this case I didn’t fall for the two deepfake recruiters who emailed me yesterday.

However, I have some concerns about the REAL recruiters that the fraudsters were impersonating.

Deepfake recruiter 1, the Senior Vice President

The first fraudster emailed me early Tuesday morning California time:

Hi John,

I hope you’re doing well. My name is Ethan [REDACTED LAST NAME SPELLED WITH AN “E”], Senior Vice President at Aerotek, a national staffing and recruiting firm.

I’m reaching out regarding a confidential, retained search for a Senior Product Marketing Leader with a real, actively operating company in the identity verification and biometrics space. Your background in product marketing, go-to-market strategy, and competitive intelligence across identity technology firms stood out strongly during our shortlist review.

This role is ideal for leaders who drive product launches, shape competitive positioning, and accelerate growth in B2B/B2G SaaS environments.

If this aligns with what you’re exploring, I’d be happy to share the full role brief.

Best regard 
Ethan [REDACTED LAST NAME SPELLED WITH AN “A”]

When a Senior Vice President can’t spell his own last name consistently, that’s a warning flag.

When said Senior Vice President emails me from ethan.aerotek.desk2@gmail.com, that’s another.

Finding the real recruiter

So because I am a Know Your Recruiter practitioner, (Adriana Linda, Kristen the guy, Amanda the guy, Randstad and Indeed people) I looked up Ethan on LinkedIn.

Turns out Ethan is a U.S. based person employed by Aerotek, with the same picture used in the Gmail account (which I guess qualifies this as a “deepfake”), but he is a Recruiter, not a Senior Vice President.

So I messaged the real Ethan on LinkedIn early Tuesday morning, reproducing the email message above and prepending it with:

Ethan, I received this from a Gmail address

Replying to the fake recruiter

Then I responded to the email from the fake Ethan:

Ethan, I have contacted you via LinkedIn. Please provide your Aerotek email address. Your client will understand.

My final comment probably went over the fake Ethan’s head, but any identity verification company would clearly understand why a candidate would insist on an Aerotek address rather than a Gmail address. Except in certain circumstances that I’ll address later.

And of course Aerotek would be very concerned about fraudsters impersonating real Aerotek employees…or so you’d think.

Back to the fake, who responded a few minutes later. Oddly enough, even though Ethan is U.S.-based, this email indicated that my reply was received in a time zone eight hours ahead of the Pacific Time Zone. Anyway, here’s the fake Ethan’s non-surprising response.

Thank you for reaching out. I’ve been experiencing some technical issues with LinkedIn this week, so I appreciate you continuing the conversation here.

This is the usual tactic employed by scammers. Stay off reputable platforms such as LinkedIn and move the conversation to another platform, in this case email. At least fake Ethan didn’t direct me to WhatsApp or Telegram.

As of Wednesday morning I left both conversations there. I didn’t reply to the fake Ethan’s latest email, and the real Ethan didn’t reply to my messsage.

And that’s a problem.

Concerns about the real recruiter

As I mentioned earlier, Aerotek obviously doesn’t want fraudsters impersonating their employees. And Aerotek employees certainly don’t want fraudsters impersonating them and lifting their facial images for fake Gmail accounts.

But the real Ethan apparently hasn’t checked his LinkedIn account in over 24 hours, and is completely unaware that a fraudster is impersonating him.

Causing damage to him and his employer.

If you’re a recruiter (or any professional) and you have a LinkedIn account, check it regularly. You don’t know what you’re missing.

But let’s move on to deepfake 2: technically not a deepfake since the fraudster only appropriated a name and not a likeness, but worrisome all the same.

Deepfake recruiter 2, the independent and invisible recruiter

The second fraudster emailed me late in the afternoon California time.

Hello John,

I hope you’re doing well.

I recently came across your background in B2B/B2G SaaS product marketing, particularly your work across identity, biometrics, and broader technology markets. Your experience driving product launches, developing go-to-market strategy, and building high-impact content and competitive intelligence frameworks really stood out.

I’m currently supporting a respected technology organization operating at the intersection of SaaS, cybersecurity, and identity, and your ability to bridge complex technical solutions with clear market positioning aligns closely with what they’re looking for.

Given your track record of both strategic thinking and execution (“ask, then act” definitely came through), I believe you could be a strong fit for this opportunity.

If you’re open to exploring, I’d be happy to share a brief overview of the role and why I feel it aligns well with your background.

Looking forward to hearing your thoughts.

Again this person emailed me from a Gmail address, consisting of the person’s name with an appended “8.”

Finding the real recruiter

So I checked out this person also, and discovered a few things.

  • This is also a real person, based in Europe. So she supposedly sent this email after midnight her time.
  • The real recruiter DOES have a Gmail address, but without the “8.” Why? Because the person is NOT employed by a huge recruiting firm such as Aerotek, but is a self-employed recruiting specialist. So it’s understandable that the real recruiter has a Gmail address. But as we will see, not advisable.
  • Her company name is her name with the word “Consulting” appended, according to her personal LinkedIn profile.

So I messaged the real recruiter with the message “Possible scam artist” and the email address (with the “8”) that sent the message.

Replying, and not replying, to the fake recruiter

About an hour later (now well after midnight European time), I received a second email from the fake recruiter that didn’t reference my reply to the first one.

Hello John,

I hope you’re doing well.

I recently came across your background in B2B/B2G SaaS product marketing, and your work across identity, biometrics, and go-to-market strategy really stood out—particularly your experience positioning complex technologies like IAM, biometrics, and AI-driven solutions.

Your track record in product launches, competitive intelligence, and building high-impact content at scale aligns closely with what we’re currently prioritizing.

I’m supporting a respected technology organization that is expanding its product marketing leadership team, and based on your experience, you could be a strong fit—especially given your depth across both public sector (B2G) and commercial (B2B) environments.

If you’re open to exploring, I’d be happy to share a brief overview of the role and why I believe it aligns well with your background.

Looking forward to hearing your thoughts.

I didn’t bother to reply to the second email from the fake recruiter, or to notify the real recruiter of the second email.

Eventually I received a reply to my first email early Wednesday morning…oddly enough, indicating that the fake was in the Pacific Time Zone, not Europe. (Note to scammers: change your computer and software settings so that your time zone matches the time zone of the person you’re impersonating.)

Here’s how the reply began:

Thank you for your message here—and I did see your note on LinkedIn as well. Apologies for the slight delay in getting back to you, I was tied up attending to a few things earlier.

Yeah, sure you saw my LinkedIn InMail.

Anyway, forget about the scammer. Let’s look at the real recruiter.

Concerns about the real recruiter

As I mentioned, the real recruiter has a personal LinkedIn profile and a Gmail address.

And that’s it.

  • I couldn’t find a LinkedIn company page for her consulting company.
  • A couldn’t find a website for her consulting company.
  • In fact, the ONLY reference I found to her consulting company was her personal LinkedIn page.

And that’s a problem.

The fact that she has no LinkedIn posts and no LinkedIn recommendations is another.

Now I’ll grant that many consultants get their business from word-of-mouth. Bredemarket certainly does.

But the only publicly-known way to contact THIS consultant is via email or LinkedIn InMail.

And as of now she hasn’t checked her InMail in over 12 hours.

What if she were to lose access to her LinkedIn account?

If you’re an independent recruiting consultant, own your own website, and don’t depend upon someone else’s social platform.

That’s one reason why Bredemarket offers several ways to reach me, most importantly the contact mechanisms available on my own website, free of the control of Microsoft, Meta, or any other company that could yank my access at the drop of a hat.

But there are others.

Bredemarket’s active platforms as of March 29, 2026.

So if you have content or other needs…such as the need to create content to publicize your recruiting consultancy…why don’t you talk to me?

On Illegal Product Marketing

You want to market your product, but should you? And will the authorities allow you to do so?

In 2026, there is a worldwide debate regarding social media products to younger people.

In the 1960s in the United States, the debate was about tobacco.

Not that kids could legally buy tobacco. (Wink wink.) But kids could certainly see television ads and hear radio ads for tobacco.

The country was Marlboro Country.

And the kids were paying attention, causing concern.

“Public health officials and consumers wanted stronger warning labels on tobacco products and their advertisements banned from television and radio, where they could easily reach impressionable children. (Tobacco companies were the single largest product advertisers on television in 1969.)”

President Richard Nixon stepped in.

“On April 1, 1970, President Richard Nixon signs legislation officially banning cigarette ads on television and radio.”

We’ve come a long way…baby?

Does your product suffer under advertising restrictions? How do you respond and find alternatives?

Ask questions.

Current Procedural Terminology (CPT) Must Remain Current

I knew that the set of medical billing codes—Current Procedural Terminology, or CPT—is critically important for health providers, insurance plans, and everyone else in the medical-industrial complex.

I didn’t know that the set of codes changes. Every year.

The CPT 2026 codes were announced in September 2025 and took effect in January 2026.

“The open and rigorous process maintained by the independent CPT Editorial Panel with broad input from the health care community, government, and industry produced 418 total changes reflected in CPT 2026 code set, including 84 deletions and 46 revisions in addition to the 288 new codes.

“Key updates included in the CPT 2026 code set are new codes for digital health services like remote patient monitoring, medical services involving hearing devices and augmented intelligence (AI), and a comprehensive update of codes for leg revascularization.”

Hope the billing coders are ready…although these days the coders may be AI. Again, hope the billing coders are ready.

Artificial Intelligence and Healthcare, A Qualified View

As I’ve noted before, healthcare is a pioneering user of artificial intelligence, although (hopefully) under robust controls to maintain accuracy and preserve HIPAA-level privacy.

And a number of companies poured $125 million into Qualified Health to advance AI in healthcare.

Why?

“We are living through a generational shift, one where AI doesn’t just augment how organizations work but fundamentally transforms them from the inside out,” said Mohamad Makhzoumi, Co-CEO of NEA, who will join Qualified Health’s Board of Directors in conjunction with the financing. “From NEA’s nearly five decades of company-building experience, we believe the organizations shaping the next era of healthcare innovation will be those helping health systems reimagine every administrative and clinical workflow from the ground up, and Qualified Health is exactly that company. We are thrilled to lead this financing and to partner with Justin and team to accelerate healthcare’s AI transformation and shape the future of healthcare enterprises across the country.”

“Health systems today are operating under extraordinary pressure, from rising labor costs to tightening reimbursement, while managing increasing complexity in patient care,” said Jared Kesselheim, MD, Managing Partner at Transformation Capital. “What stood out to us about Qualified Health is that the team approaches this work as medical care specialists, with a deep understanding of the realities health systems face every day. That perspective allows them to identify where AI can create meaningful clinical and operational impact. We’re excited to partner with Justin and the Qualified Health team as they help leading health systems navigate this next phase of healthcare.”

Because a Marketer Needs to Eat: Translating OpenAPI Version Difference Explanations into Marketing-Speak

To better understand two of the projects for a Bredemarket client, I asked Google Gemini for an explanation of the differences between OpenAPI versions 3.1.1, 3.1.2, and 3.2.

Google Gemini provided me with that explanation.

Then I supplied the following prompt:

Rewrite the above so a marketer can understand it.

Here is part of what Google Gemini provided to me.

🏗️ OpenAPI 3.1.1 & 3.1.2: The “Under the Hood” Fixes

These versions were like a restaurant updating its internal plumbing. They didn’t change what was on the menu, but they made sure the kitchen (the code) followed the latest global safety standards (JSON Schema).

  • The Goal: Accuracy and stability.
  • The Benefit: It ensures that when a developer tries to connect to your service, they don’t run into “grammar” errors in the documentation.

✨ OpenAPI 3.2: The “UX & Branding” Upgrade

Released recently (late 2025), this version is all about making your API easier to sell and easier to use.

1. Organized Menus (Hierarchical Tags)

Before, your API list was just one long, flat list of features.

  • Old way: A messy “junk drawer” of links.
  • 3.2 way: You can now create folders and sub-categories (e.g., Payments > Refunds > International). This makes your documentation look professional and much easier for customers to navigate.

2. Better Support for AI and Live Data (Streaming)

If your product uses AI or real-time data (like a live stock ticker or a ChatGPT-style chat), 3.2 is a game-changer. It has a specific way to describe “Streaming” data so developers know exactly what to expect from your “live” features.

3. The “Smart Search” (The QUERY Method)

In older versions, developers often had to “hack” the system to do complex searches. 3.2 introduces a dedicated Search button (the QUERY method) that is cleaner, safer, and follows modern web standards.

4. IoT & Smart Device Support

If your product works on a Smart TV, an Apple Watch, or an IoT device, 3.2 finally adds official support for “Device Pairing” (that thing where you enter a code on a website to log in to your TV).

Hey, it helped me. Marketers need to eat, and writers understand grammar.

Understand, Adapt, or Create

When Bredemarket begins an engagement with a client, I usually have no idea what processes, templates, or practices the client already has. So I have to handle whatever is or is not there and either understand what is there, adapt it, or create what is needed.

Understand

In some cases clients already have a process.

For example, as I delved into the Sharepoint library for one of Bredemarket’s clients, I found a complete set of branding guidelines that covered logos, colors, and many other aspects of the company’s branding.

In that case, my job is to simply make sure that I align with the client’s branding, and that my content, proposals, and analysis work for the client aligns with the branding guidelines…or with whatever other process the client has.

Adapt

Sometimes the client has a process, but it needs to be adapted in some way.

Here’s an example I can publicly share: not from a Bredemarket client, but from my former employer Motorola (back when Motorola was one company). I was a product manager at the time, and products were developed via a “stage gate” process. At Motorola, of course, it was called M-Gates.

Our “Printrak” group (automated fingerprint identification systems, computer aided dispatch systems, and the like) was the odd group out in our part of Motorola (the part that would later become Motorola Solutions). Most of the people in that part of Motorola sold police radios that were manufactured in bulk. Therefore the stage gate process included a step for a limited production run of police radios before moving to full production.

That didn’t apply for the software we sold to government systems. For example, the entire production run for the Omnitrak 8.1 release was no more than a half dozen systems for customers in Switzerland, Oklahoma, and other places. A limited production run wouldn’t make sense.

So OUR stage gate process eliminated that step and went straight to full production.

Create

And then there are the clients who don’t have anything. In these cases, my invention hat goes on.

For one Bredemarket client, I was asked to develop several pieces of collateral, such as (ironically) one on process maturity, and several random pieces of content tied to a product release.

I decided to approach it more systematically by introducing a simple go-to-market process that defined the external and internal collateral required for a “high” tier product release and a “low” tier product release. Resisting my urge to define something thorough, I simplified the GTM process as much as possible, while still providing guidance on what a product release should contain.

The client rejected the idea: “we don’t need no steenking process.”

Not surprisingly, the process maturity content was never released either.

I’ve had better luck with other Bredemarket clients, defining go-to-market, proposal, and other processes for them as needed.

Be Prepared

Providing product marketing expertise is much more than writing about a product.

Before I write a word of text, I ensure that the content aligns with the client’s strategies…or my own strategies if the client doesn’t have any.

And of course I ask questions.

When is a Law Enforcement Camera a Law Enforcement Camera?

Many years ago I was driving on Holt Boulevard in Montclair, California, preparing to make a left turn on Central. I followed the vehicle behind me and made my left turn…only then noticing that the left turn light was now red.

As the registered owner of the vehicle I was driving, I received an email from the city of Montclair a few days later. Because this is when Montclair was using cameras for traffic enforcement.

Off to traffic school.

Montclair doesn’t use traffic cameras any more, but all sorts of cameras are owned by, or accessible to, law enforcement agencies.

But how should they be used?

404 Media reported that the Georgia State Patrol accesses Flock cameras, for the intended purpose of gathering information for serious crimes. But what happens when the camera captures something not serious?

“Georgia State Patrol used its system of Flock automated license plate reader (ALPR) surveillance cameras to issue a ticket to a motorcyclist who was allegedly looking at his cell phone while riding, according to a copy of the citation obtained by 404 Media….The incident happened December 26 in Coffee County, Georgia. The ticket lists the offense as ‘Holding/supporting wireless telecommunications device,’ and includes the note ‘CAPTURED ON FLOCK CAMERA 31 MM 1 HOLDING PHONE IN LEFT HAND.’”

The man went to court and the ticket was dropped, but 404 Media is still outraged that the ticket was issued in the first place. Not because of Georgia’s policies, but because of other policies.

“Many police departments go out of their way to tell community members that Flock cameras are not used for traffic enforcement. For example, the City of Glenwood Springs, Colorado, states in a FAQ that “GSPD [Glenwood Springs Police Department] does not use Flock cameras for traffic enforcement, parking enforcement, or minor code violations.” El Paso, Texas, tells residents “these are not traffic enforcement cameras. They do not issue tickets, do not monitor speed, and do not generate revenue. They are investigative tools used after crimes occur.” Lynwood, Washington tells residents “these cameras will not be used for traffic infractions, immigration enforcement, or monitoring First Amendment-protected expressive activity” (Flock cameras have now been used for all of these purposes, as we have reported.)”

You will recall that I addressed another Flock Safety case, in which a citizen made public records requests from two Washington state jurisdictions. The jurisdictions said that they didn’t have the data; Flock Safety did. Flock Safety said that it had deleted the data.

Basically, Flock Safety is controversial, and some people are going to oppose ANYTHING they do. Even when Flock Safety technology protects people from dangerous drivers.

My view is that if a camera is used by a law enforcement agency, and there is no law prohibiting the law enforcement agency from using a camera for a particular purpose, then the agency can use the camera. There appears to be no such law in Georgia, so I’m not bent out of shape over this.

What are your thoughts? Is this a privacy violation?