“I am currently working as a Temporary Recruiting Assistant, assisting the company in finding a suitable candidate to fill an open position.
“After reading your background information, I believe that you have the experience and abilities that are highly qualified for this position.
“If you are interested in this opportunity, you are more than welcome to get back to me and I will be happy to provide you with more information about the position.
“Thank you for your time and look forward to your reply!
“Amanda Rodriguez
Temporary Recruitment Assistant | Administrative Support in Talent Acquisition”
I don’t know Spencer Stuart but they presumably wouldn’t hire a clown like this, even in a temporary capacity.
Here’s my reply, but the account disappeared before I could send it.
“If you are truly targeting anti-fraud identity verification product marketing professionals, your pitch itself sounds like it was written by a scammer fraudster. Even in his current condition, Kevin Mitnick wouldn’t fall for this scam.”
When a company announces its intent to buy another company, certain activities at both firms may be stalled.
This can be a good thing, as certain Motorola employees and IDEMIA lawyers know.
Motorola layoffs on hold
In late 2008 and early 2009 Motorola was in trouble—so much trouble that it would eventually bifurcate. (Heh.) So Motorola was laying off employees throughout the company…
…except in the Biometric Business Unit where I resided. Safran had announced its intent purchase that unit, and Motorola was obligated to deliver that unit to Safran intact.
So I kept my job…for another 12 years anyway.
IDEMIA lawsuit on hold
Anyway, Motorola’s Biometric Business Unit became part of Safran and then IDEMIA. And according to ID Tech, IDEMIA is the beneficiary of new acquisition activity.
“A legal dispute between South African Black Economic Empowerment (BEE) firm INFOVERGE and French multinational IDEMIA has stalled, with INFOVERGE citing ongoing acquisition activity involving IDEMIA’s South African subsidiary as the reason for the delay. The firm is seeking R39 million in damages over what it describes as a breach of contractual obligations by IDEMIA.
“INFOVERGE told reporters that it had been informed IDEMIA’s South African division is undergoing a corporate transaction, which has effectively paused the litigation process. ‘We’ve been told that the South African arm of IDEMIA is under acquisition … which leaves our legal matter in some kind of limbo as we wait,’ an INFOVERGE spokesperson said, adding that the prolonged delay is impacting their ability to fulfill their empowerment mandate.”
People can use forged government identities to scare you, rob you, or kill you. How can you protect yourself from fake law enforcement officers, or fake ICE agents? And how can police agencies and ICE protect THEMSELVES from these fakes?
I’ve already shared the story of the person driving around Delaware with flashing lights. Nothing terrible happened in that encounter, but similar impersonation encounters have been more critical.
The visitor, wearing an American flag-adorned baseball cap and a tactical vest with the words “Security Enforcement Agent,” announced the single word “Immigration,” implying that he was from Immigration and Customs Enforcement (ICE).
Several employees fled the scene, but the cashier did not and was immediately zip-tied.
So what happened next?
The so-called ICE agent took $1,000 and was gone 30 seconds later.
Vance Boelter is alleged to have shot Minnesota State Senator John Hoffman and his wife Yvette at their home, then shot and killed State Representative Melissa Hortman and her husband.
In both cases Boelter presented himself as a police officer.
“[C]all 911 from your cell phone. Tell the 911 dispatcher that you are concerned that someone…may not be a police officer.”
Of course a person in a car is generally safer than a person at the front door of a home or business, but in any case you can call 911 and ask for confirmation.
“Do not flee.”
This appears to be sound advice if the person is a real police officer. But if the employees hadn’t fled from the fake ICE officer in Philadelphia, perhaps they would have been robbed also.
“If the dispatcher cannot confirm that you are being [visited] by a police officer, stay on the line with the dispatcher, and ask for police assistance.”
Wise to get the real cops on the scene.
“Do not provide personal documents – driver’s license, insurance information or other documents – to someone who you suspect of being a police impersonator.”
No need to add identity fraud on top of everything else.
How do you know if it IS ICE?
Unfortunately, telling true ICE agents from fake ones is a little more difficult. Your local 911 dispatcher isn’t going to know if that’s a real ICE agent at your door.
5NBCDFW published some tips for those who receive an email, call, or visit from ICE. In regards to personal visits, the station offered this advice:
“ICE agents carry official badges and credentials. They may have identification cards with their name, photo and the department logo. You can ask them to show you their badge or ID.”
“If they refuse to show their identification, you are under no obligation to open the door.”
This of course is not foolproof, since anyone can print a fake business card (perhaps on their own printer, avoiding a commercial business such as the UPS Store), create a fake ID, or create a fake badge.
Challenges of identifying police officers or ICE agents
It’s a challenging identity problem. Especially since police officers may NOT be required to identify themselves. Uniformed officers are required to identify themselves in California (California Penal Code Section 830.10), but plainclothes officers obviously don’t wear badges, and California identification laws don’t apply in other states.
“Hey,” someone suggests. “Why not create a database of all the police officers and ICE agents so that can immediately prove their authenticity?” Unfortunately, that runs into a huge privacy problem, because what happens when (not if) that database is hacked? Or if the data is intentionally leaked?
(And before you say “not my problem, those people need to be in a database,” what if it WAS your problem? In my case, what if all marketing/writing sole proprietors were required to be in a database managed by the Department of Commerce? You’d be worried if it affected YOU.)
The only way that this will change universally is when the police officers, ICE, and other agencies have to deal with impersonators. For example, if fake ICE agents cause problems for the real ones, then ICE itself will insist on positive identification of real ICE agents.
If you are a jobseeker on LinkedIn, you have probably seen people claim to be recruiters from well-known companies, when in truth they are nothing of the kind.
Faking your employer has existed for a long time. Just ask the Delaware State Police, who for some reason isn’t keen on people who impersonate police officers.
“[A] 23-year-old man from Laurel, Delaware…reported that he had been driving eastbound on Nine Foot Road, east of Laurel Road, when a white Dodge Magnum with Arizona registration pulled behind him and activated flashing red and blue lights. As the victim began to pull over, the Dodge passed him and continued driving.”
Because Arizona police officers patrol Delaware all the time.
The 23 year old was rightfully concerned, called 911, reported the incident, and described the vehicle. But that wasn’t the end of it.
“Shortly after, the driver of the Dodge pulled up next to the victim and verbally confronted him. The victim did not engage, and the suspect eventually fled the scene.”
After an investigation, the Delaware State Police arrested Blayden Rose of Selbyville, Delaware, for impersonating a police officer.
The real Blayden Rose, courtesy the Delaware State Police. The police like to take pictures of special people.
Not sure if Rose can get off on a technicality (“I wasn’t claiming to be a cop, I was just doing a strobe show”), but it reminds us that we have to trust, but verify.
Looks complete to you, doesn’t it? Well, it isn’t. To, um, identify the missing bit of information that is both PII and PHI, take a look at this LinkedIn post from Jack Appleby. (Thanks to packaging expert Mark Wilson for bringing this post to my attention.)
“A dream brand just sent me a gift package & invite… but they broke the two most important rules of influencer gifting…
“The package was a ridiculously cool collab hoodie + an invite to an event I’ve wanted to go to since I was just a little kid… but the hoodie is a medium… and I’m an XL… and my name was spelled wrong on the invitation.”
And no, I’m not talking about Jack Appleby’s name.
I’M TALKING ABOUT HIS HOODIE SIZE.
And yes, hoodie size in combination with other information is both PII (personally identifiable information) and PHI (protected health information). If your hoodie size is XXL, but your height is only 5’1”…that has some health implications.
Yet at the same time it’s also vital business information. It’s collected from prospects and new employees at trade shows and during employee onboarding. And as Appleby’s example shows, there are potentially severe consequences if you get it wrong.
But does your favorite compliance framework include specific and explicit clauses addressing hoodie size? I bet it doesn’t. And that could be a huge privacy hole.
(The hoodie in my selfie is from my 2022-2023 employer. And yes I still wear it. But I got rid of my IDEMIA, MorphoTrak, Motorola, and Printrak attire.)
“On Thursday, the Laurens County School District 55 Superintendent Jody Penland announced a teacher at Waterloo Elementary will “no longer serve” as a teacher at the school.”
Why? Because she wasn’t who she said she was.
“School officials discovered Bryia Lattimore Scott of Simpsonville was impersonating Viola Church in order to gain employment at Waterloo Elementary.”
(4/14/2025 Fixed a typo. It’s KORN Ferry, not KORAN Ferry.)
Maybe it’s me, but I’m wondering if Kristen really works for SourceOwls. I know she has 980 followers and all, but yet…
Kristen Marty’s LinkedIn profile.
I’d post the link to Kristen’s profile, but it would probably be gone by the time you read this.
Anyway, she sent me an InMail, and I responded.
From LinkedIn.
I got my answer.
From LinkedIn.
Seriously, LinkedIn is filled with people who falsely claim that they work for SourceOwls, Korn Ferry, Kelly…even Amazon. And a verified profile doesn’t offer protection, because a verified profile only confirms identity—not employment.
Perhaps I was a little agitated or excited this afternoon.
Perhaps I was a little agitated because five (or maybe more; I lost count) scammers had sent me LinkedIn DMs when they gravitated to my #opentowork LinkedIn banner…like flies speeding to a carcass. (Which gave me an excuse to write about identity management on LinkedIn.)
Or perhaps I was a little excited because a Never Search Alone participant had shared an identity management product marketing position with me.
The bot says hello
After applying for said job, I was reading the company’s website to learn about its identity management product when the company’s bot kept on messaging me.
At 2:30 pm Chat Bot says: Hello, this is an AI Rep from [COMPANY]. If you need any assistance, feel free to ask.
At 2:30 pm Chat Bot says: Saw that you’re interested in our SaaS management and identity governance software. Any questions?
Being the curious type (after all, I worked for IDEMIA), I wondered how the chat bot would deal with what I REALLY wanted to ask about.
Not about a demo.
Not about the company’s recent funding round. (Series B, $35 million.)
At 2:47 pm I say: With 30 years’ identity experience and 9 years as a PMM, I just applied for your Sr PMM Identity Management role. So the only question that I have is when you will interview me.
And yes, my assumption that the company would immediately drop everything and interview me may have been a little overconfident. But it’s better than imposter syndrome.
And after all, this was just a bot. I assumed that the bot would be completely confused by my question, so no harm would come from overconfidence.
You know what they say about people who assume?
The bot exceeds expectations
At 2:47 pm Chat Bot says: Thanks for applying for the Sr PMM Identity Management role! Could you provide your email address so we can follow up on your application status?
One note here: the bot parroted my response back to me. The company’s job description does not include a job title with the “PMM” acronym.
Regardless, I was pleasantly surprised. The bot was trained to respond to job applicants. So I provided the email address that I used for my job application.
The bot does not meet expectations
That’s when I was UNPLEASANTLY surprised.
At 2:47 pm Chat Bot says: Thank you for your interest. Please provide a business email address so we can follow up on your application status.
Apparently the training wasn’t thorough enough. Think about it; if you’re an individual applying for a job, why would you apply with a “business email address”? Which one? From your current employer? THAT is not a good idea.
But as it turns out, I DO have a business email address-the one for Bredemarket. So I entered that, even though that email address does not appear anywhere on the job application that I had just submitted.
At 2:47 pm Chat Bot says: Thank you for providing your email. Our team will review the conversation and follow up if necessary. How else can I assist you today?
So it will be interesting to see whether the company contacts me at both of my email addresses.
(Post image generated at craiyon.com)
Postscript for those who don’t click on every link in a Bredemarket post
You missed Brian May’s collaboration with the Weebl folks.
This resonated with me because in mid-September I spent some Instagram time thinking about the word “flash” (as in how fast a human can create content).
My two most popular LinkedIn posts over the last two weeks discussed scammy SMS texts I received from people who claimed to work for Randstad and Indeed but clearly did NOT.
THIS post clearly won’t garner tens of thousands of impressions, but it’s much more important: how do you differentiate a real recruiter from a fake one?
The easiest test—which all the fake recruiters fail—is to ask the recruiter to provide their corporate email address. But even that can backfire when the fake provides an email from an ALMOST good domain such as endeede.com and hopes the mark doesn’t notice the difference.
There are other tests, but my “biometric product marketing expert” preferred tests such as comparing a live PAD#-tested selfie against a driver’s license don’t prove anything. Sure, such methods can prove that Anna Morgan is Anna Morgan, but they don’t prove her profession per se (fractional talent acquisition leader / recruiter / career coach).
So for now the best KYR tactic is to ask for a corporate email address. Definitely don’t take the recruiting conversation to Telegram.
# PAD = presentation attack detection. A presentation attack is when you substitute a fake face (or another fake, such as a fake driver’s license) for a real one.
AI image by Microsoft Copilot because Google Gemini still won’t draw people.
Bredemarket 