Email providers should publicly disclose how old an email address is, and email clients should warn about emails coming from brand new addresses. My gmail account is 15 years old, so any email I send is unlikely to be created just to impersonate someone else.
This doesn't help though if your name happens to be Kevin Smith or something.
Also just ratchets the value of "old email accounts" up a ton. Reddit has a similar problem with fraud coming from old tenured accounts with karma (upvote points similar to HN) becoming very valuable and targets for hackers and spammers.
I don't know about new addresses, but it sounds like more robust vetting is needed on the interviewing side. Resumes and initial screens have become potentially stale and too easy to fake.
Speaking of the "Kevin Smith" case, I know of someone with a very common name going into an interview for a job he applied for - he was underqualified for the role and was surprised he was selected. Turns out the company had mixed him up with another candidate with the exact same name and sent out the interview invite to the wrong person!
This doesn't help though if your name happens to be Kevin Smith or something.