A candidate sails through the screening call. The CV is immaculate, the GitHub looks busy, the references check out. Then, somewhere around the second technical round, something feels off... the camera "won't turn on," answers lag half a beat behind the audio, and the deep technical knowledge on the CV evaporates under a follow-up question.
If you hire software or AI engineers in Germany, you've probably already seen a version of this. If you haven't, you will. AI-assisted candidates, deepfake interviews and increasingly sophisticated profile inflation have moved from edge-case curiosity to a real, recurring recruiting problem, and the start-up and scale-up world is squarely in the blast radius.
The scale of the problem
Two data points frame how fast this is moving.
First, Gartner predicts that by 2028, 1 in 4 candidate profiles globally will be fake. In the same research, Gartner found that 6% of 3,000 surveyed candidates admitted to some form of interview fraud — posing as someone else, or having someone else pose as them, and that roughly 4 in 10 candidates already use AI somewhere in the application process. (This is a forward-looking prediction, not a measured rate, but the direction of travel is clear.)
Second, and more serious, Germany's domestic intelligence service, the Bundesamt für Verfassungsschutz (BfV), has warned that North Korean (DPRK) IT-worker operations are actively targeting German and European firms. These operatives pose as remote software engineers, DevOps specialists and AI/ML contractors, using stolen or synthetic identities, AI-generated CVs and cover letters, and deepfake video filters to pass remote interviews. The goal ranges from illicit salary extraction to planting backdoors for later exploitation, with the regime reportedly keeping the bulk of the wages.
Put those together and the picture is uncomfortable: fraud is no longer just the occasional embellished CV. It's a spectrum that now runs from harmless AI-polished phrasing all the way to state-sponsored infiltration.
What fake candidates actually look like in 2026
The threat isn't one thing. It's a gradient, and it helps to name the levels:
- Profile inflation. The most common and most benign. AI tools rewrite CVs, generate "experience" that's really a side project, and inflate seniority. Usually not malicious — but it erodes the signal you rely on to shortlist.
- AI-assisted interviewing. Real person, real face, but reading from an LLM in real time. Answers are fluent, generic, and oddly comprehensive — until you ask "why did you make that trade-off?" and the specifics collapse.
- Deepfake and identity fraud. The person on camera is not the person who will do the job, or isn't a real person at all. Synthetic video filters and AI avatars have made this far cheaper and more convincing than even a year ago.
- Organised infiltration. The DPRK case the BfV flagged. Coordinated, well-resourced, and specifically aimed at remote-first, English-speaking engineering teams, which describes a large share of German start-ups and scale-ups.
Why German scale-ups are especially exposed
Three things make the fast-growing tech employer a soft target. Hiring moves quickly, because speed is a competitive advantage, and rushed processes skip verification. Engineering teams increasingly operate in English and hire remotely across borders, which removes the "fluent German, on-site" friction that used to filter out bad actors. And AI roles are often filled by contractors and freelancers, exactly the channel the BfV identified as most exploited.
None of those are weaknesses you'd want to remove, they're how modern teams scale. The answer isn't to slow everything down. It's to put the right checks at the right moments.
The defences that actually work today
Here's the genuinely good news: you don't need exotic detection software to handle most of this. The strongest defences in 2026 still come from disciplined process — the same fundamentals that make hiring better anyway.
Structured interviewing. Ask every candidate the same role-relevant questions in the same order, and score against a rubric. Fraudulent and AI-coached answers are fluent but generic; structure exposes the gap between "sounds right" and "has actually done this."
Camera-on as a standard, not a request. Make it explicit and consistent that interviews are conducted with video on. A normalised camera-on policy makes refusal a signal rather than an awkward exception.
Behavioural depth. Don't stop at "what did you build?" Drill into why — the trade-offs, the thing that went wrong, the decision they'd reverse. Lived experience has texture and contradiction. Generated answers don't.
Live coding walkthroughs. Less "solve this puzzle," more "walk me through code you wrote and defend your choices in real time." It's hard to fake your way through a conversation about a system you didn't actually build.
Identity verification at offer stage. You don't need to ID-check everyone at first contact — that's friction in the wrong place. Do it before an offer is finalised: confirm the person who interviewed is the person being hired, and that they are who they claim to be.
A word of caution
There's a real risk in over-rotating on this. Most candidates using AI to tidy a cover letter are not fraudsters, they're doing what everyone now does. Treating every applicant as a suspect will cost you good people and damage your brand faster than the occasional fake will. The aim is calibrated scepticism: tighten verification at the points where the cost of a mistake is highest, and keep the early stages human and welcoming.
The teams that get this right won't be the ones with the most aggressive detection tooling. They'll be the ones whose hiring process was rigorous enough that fraud had nowhere to hide — and humane enough that real candidates still wanted the job.
This topic recently came up among the TA and sourcing experts in our network. If you'd like our full practical guide — "Authentic Hiring: Detecting Fake Candidates in 2026" — including the verification checklist we recommend to clients, get in touch with Rob Blackburn or Ivan Lechev.