There are a few potential ways someone could have obtained your personal email address from LinkedIn without your permission:
Your email is visible on your public profile
If your email address is listed on your public LinkedIn profile, anyone can see it just by visiting your profile. To check if your email is public:
- Go to your profile
- Click “View profile” to see how your profile appears to others
- Check if your email address is listed on your profile. Often it is under the “Contact” section
If your email is visible, anyone can access it simply by viewing your profile. It’s recommended to remove your email and any other personal contact details like phone number from your public profile.
Someone in your network shared it
If you’ve connected with someone on LinkedIn, they have access to view your email address and could potentially share it without your consent. When you connect with people on LinkedIn you are trusting them with access to your non-public information.
It was scraped from LinkedIn
Web scraping is a technique that extracts data from websites, in this case extracting email addresses listed on LinkedIn profiles. While scraping violates LinkedIn’s terms of service, some people still utilize scrapers to harvest email lists.
If your email is visible on your public LinkedIn profile, web scrapers could collect and share your email without your knowledge.
Your account was hacked
If someone gained unauthorized access to your LinkedIn account, they could view your email address and connections list which contains email addresses.
Always use a strong unique password on LinkedIn and enable two-factor authentication for added security on your account.
How to prevent your email being shared from LinkedIn
Here are some tips to help keep your email more private on LinkedIn:
- Remove your email from your public profile
- Be cautious when connecting with people you don’t know well
- Use a unique password and enable two-factor authentication
- Adjust your profile visibility settings
- Watch for signs your account may be hacked
Let’s explore each of these in more detail:
Remove your email from your public profile
Don’t display your personal email address on your public LinkedIn profile. Your email can be visible in a few places:
- Contact info section
- Summary or background sections
- Recommendations you’ve written for others
Go through each part of your profile and remove any mentions of your email address. This ensures search engines and public viewers can’t access it.
Be cautious when connecting with people you don’t know well
When you connect with someone on LinkedIn, you grant them access to view your email address and full profile. Be selective when accepting connection requests and limit connections to people you know and trust.
Also be wary of random connection invites, which could be scammers trying to harvest your personal information.
Use a unique password and enable two-factor authentication
Always use a strong, unique password for your LinkedIn account. Avoid reusing passwords across multiple sites.
Enable two-factor authentication (2FA) as well, which adds an extra layer of security by requiring you to enter a code from your mobile device when logging in. 2FA makes it much harder for someone to access your account if your password is compromised.
Adjust your profile visibility settings
Double check your profile visibility settings in LinkedIn’s privacy settings. Set your profile to be visible only to your connections rather than publicly visible.
This makes it harder for strangers to access details like your email address.
Watch for signs your account may be hacked
Monitor your LinkedIn activity for any suspicious signs like:
- Password change notifications you didn’t initiate
- Unfamiliar devices logged into your account
- Messages sent from your account you didn’t send
- Changes made to your profile or settings
If you notice any unusual activity, change your password immediately and contact LinkedIn support.
How to remove your email if shared without consent
If you find your email address has already been shared without your permission, here are some steps you can take:
- Search for your email address online to see where it may be visible. Use search operators like “[email protected]” and “email AT example DOT com” to cover variations.
- Go through search results and look for any instances of your email you want removed. Common places it could show up are:
- Forums and discussion boards
- Public directories
- Lists for sale on shady websites
- For sites with a remove option, follow their process to take down your information. You may need to create an account and flag the content.
- For sites without an automated removal process, reach out to the site owner or webmaster via email or contact form. Politely request they remove your private email address.
- If the site owner is unresponsive, you may need to contact the web host and file a complaint or DMCA takedown notice to force removal.
- As a last resort for malicious cases of email sharing, consult an attorney about sending a cease and desist letter.
Removing improperly shared emails takes persistence, but being diligent can help regain control over your contact information.
How to prevent email scraping from LinkedIn in the future
Here are some proactive ways to help avoid email scraping from LinkedIn profiles:
Adjust profile settings
As mentioned previously, double check your profile visibility is not public. Set it to be visible only to your first-degree connections.
Also toggle your profile from appearing in search engine results under “Manage public profile visibility” in your settings.
Alter email address
When adding your email to your profile, slightly modify it to use an alias, initials, or extra characters.
For example instead of [email protected], use [email protected] or [email protected]. This makes your actual address harder to scrape.
Report unsolicited outreach
If you receive any concerning unsolicited emails, report them to LinkedIn. This helps them strengthen protections against scrapers misusing data.
Use email alternatives
Instead of adding your real email, consider listing an alternative public contact method like:
- A LinkedIn messaging link
- A contact form URL
- A generic [email protected] address
Request removal from data brokers
If you find your email being sold by a shady data broker site, request removal under the CCPA/GDPR right to be forgotten laws. Keep flagging instances of misuse.
Is scraping emails from LinkedIn illegal?
Web scraping is a legal gray area that depends on how the data is obtained and used:
Potentially illegal scraping cases
- Accessing non-public sections of LinkedIn by automating login or sneaking past captcha
- Scraping data after LinkedIn has specifically denied access
- Selling or sharing scraped email lists
- Using emails for malicious purposes like phishing, fraud, or harassment
These practices often violate LinkedIn’s terms, data protection laws, and anti-spam regulations.
Potentially legal scraping cases
- Scraping public profile data without automation
- Using scraped public data for internal analytics/business purposes
- One-time scraping for individual outreach or personal use
These cases tread more lightly, but be sure to consult LinkedIn’s terms and local laws. Even public scraping at large scale can prompt legal action if deemed abuse by LinkedIn.
Best practices
Due to the hazy legality, it’s wise to avoid email scraping from LinkedIn whenever possible. Focus on ethical ways to obtain opt-in email lists instead, like:
- Collecting emails from newsletter sign-ups
- Exporting emails of current customers
- Purchasing opt-in lists from reputable sellers
- Connecting genuinely on LinkedIn for individual outreach
Scraping should not be your go-to strategy for acquiring B2B emails. Not only can it damage your brand reputation, but puts you at risk of legal consequences if leveraged improperly.
How to send a cease and desist letter about email misuse
If your email is being improperly used or shared by a website or individual, you can send a cease and desist letter demanding they stop. Here are key steps:
Craft your letter
Your cease and desist letter should contain:
- Your contact details and date
- Details about the improper use of your email
- A request for them to immediately cease and desist the activity
- A request to permanently destroy your email information
- A deadline for confirming compliance (e.g. 14 days)
- Statements about potential legal action if ignored
Remain professional but firm. Include evidence if possible.
Send your letter
Send your cease and desist letter via:
- Certified mail (with delivery confirmation)
- Registered mail (with receipt record)
- Professional courier service
Never send originals and be sure to keep a dated copy. Send to the organization’s legal department if possible.
Follow up
Follow up after your stated deadline if you receive no response. Consider escalating to actually filing a lawsuit if they still fail to comply.
Most organizations will conform quickly to avoid further legal entanglement. But be prepared to persist if needed.
Key takeaways
Here are some key tips on protecting your email address on LinkedIn:
- Remove your email from your public profile
- Be selective when connecting and sharing info
- Use strong account security settings
- Limit profile visibility
- Watch for signs of account hacking
- Report email misuse to LinkedIn
- Alter email or use alternatives
- Send removal requests and cease & desist letters
Safeguarding your email requires vigilance, but being proactive can help minimize the risk of your contact details being shared or scraped without your consent. Always be thoughtful about what information you share publicly online.
Frequently Asked Questions
Is it illegal to scrape emails from LinkedIn?
Scraping emails from LinkedIn is not strictly illegal, but violates LinkedIn’s terms in many cases. Potentially illegal cases include hacking private profiles, selling emails, or using them for malicious purposes. Public scraping may be defensible, but still risky without LinkedIn’s permission.
Can I get in trouble for email scraping?
Yes, you could potentially face legal trouble depending on how you scrape and use emails from LinkedIn. Violating LinkedIn’s terms or anti-spam laws can warrant lawsuits or criminal charges in some jurisdictions. Even if no laws are technically broken, brands could still pursue civil legal action against you.
Does LinkedIn notify you if someone views your profile?
No, LinkedIn removed their notification feature that informed users who viewed their profile. Now profiles can be viewed anonymously without triggering a notification to the profile owner. So you won’t know if someone accesses your profile or email address.
Can LinkedIn tell if you downloaded their data?
LinkedIn may be able to detect if you download member data at large scale, particularly if done through automation like bots or scrapers. However, they likely cannot tell if you manually export a few individual connections and their info. Either way, mass data harvesting violates their terms.
Is it OK to buy email lists from LinkedIn?
No, purchasing scraped email lists compiled from LinkedIn is risky and promotes unethical scraping practices. LinkedIn prohibits the sale of their member data. It’s smarter to build your email lists through legal opt-in methods instead.