Skip to content
LinkedIn scraper

LinkedIn Scraper: LinkedIn Web Scraping, Data Scraping, and Email Scraping for B2B Outreach

A LinkedIn scraper turns a LinkedIn search into a structured list of people: name, title, company, and the signals you need to write to them. What LinkedIn does not hand over is the work email, so every tool sold as a LinkedIn email scraper is really doing two jobs, extraction and address discovery. ColdMailer does both, verifies the result, writes a distinct first line for each prospect, and sends from your own mailboxes.

Free to start. No credit card. Your SMTP, your sending reputation, your data.

Last updated July 2026

Cold email generator

Runs in your browser
Subject line
Email body

    
Generate and send at scale with ColdMailer

Free tool. Nothing you enter is stored or sent anywhere.

0
Work emails LinkedIn publishes on a public profile. Every scraped email is inferred, then verified.
2022
Year the Ninth Circuit held that scraping public profiles is not CFAA access without authorization (hiQ v. LinkedIn).
$500,000
What hiQ paid anyway, in the December 2022 consent judgment, for breaching LinkedIn's User Agreement.
30 to 50
Emails per mailbox per day that a scraped list should actually be sent at, if you want replies instead of spam folders.
Features

What LinkedIn web scraping gives you, and what it does not

Profile and company data

Name, headline, job title, seniority, company, headcount band, industry, and location come straight off the public profile. This is the part every LinkedIn scraper does well, and the part that makes personalization possible.

Emails are inferred, not found

A public LinkedIn profile does not display a work email. A LinkedIn email scraper builds candidate addresses from the name and the company domain, then tests them. Anyone who tells you they read the address off the page is describing a different product.

Verification before the send

An unverified inferred address is a bounce waiting to happen, and bounces above about 3 percent are what kills a sending domain. Every address ColdMailer produces gets an SMTP check before it enters a campaign.

AI personalization from the scrape

The scraped fields are the raw material. ColdMailer reads the title, company, and recent activity and writes a first line that could only have been written to that person, not a merge tag dropped into a template.

Your own SMTP, unlimited mailboxes

Scraped lists need spread. Connect as many Google Workspace, Microsoft 365, or SMTP mailboxes as you want, and volume is distributed so no single mailbox looks like a bulk sender.

Suppression and reply handling

Replies, opt-outs, and bounces feed a suppression list automatically, so a scraped contact never gets a second campaign after asking you to stop. This is the part most scraper tools leave to your spreadsheet.

Comparison

A LinkedIn scraper vs ColdMailer

Most tools in this category stop at the CSV. That is the cheap half of the job. Here is what changes when the scrape and the send live in the same system.

Feature ColdMailer Standalone LinkedIn scraper
Profile data extraction Yes, filtered by title, seniority, industry, headcount, and location Yes, this is the core product
Work email discovery Inferred from name plus company domain, then verified Sometimes, often as a paid credit add-on
Email verification SMTP check on every address before it can be sent to Rarely. Usually a separate vendor and a second bill
Personalization AI writes a distinct opening line per prospect from the scraped fields Merge tags. First name and company name
Sending Your own SMTP, unlimited mailboxes, volume spread automatically No sending. You export a CSV and import it somewhere else
Deliverability controls SPF, DKIM, and DMARC checks, warmup, per-mailbox daily caps Out of scope
Suppression on reply or opt-out Automatic across every campaign Your spreadsheet
LinkedIn account risk Real. Any automation against LinkedIn carries account-level risk under their User Agreement Real, and identical. Nobody in this category can promise otherwise
What you hold at the end A verified, personalized, sending campaign A CSV with unverified guesses in the email column

We are not going to pretend the account risk is different for us. It is not. Anyone claiming their LinkedIn scraper is risk-free is selling you a promise they cannot keep.

Comparison

LinkedIn scraping tools compared

Grouped by the job they actually do. The single most useful column here is the third one, because it tells you how many more products you still have to buy after the scrape finishes.

Last updated July 2026

Tool Best for Sending model Starts at
ColdMailer Teams whose next step after the scrape is email: source, verify, personalize, send Your own SMTP, unlimited mailboxes Free to start, then usage-based
LinkedIn Sales Navigator Finding the right accounts and people natively, with no third-party risk No sending. Search, lists, and alerts only $119.99/mo or $1,079.88/yr, Core
Apify Developers who want LinkedIn scraping as an API they call from their own code No sending. Actor runs return JSON or CSV Free $5 credit, then $29/mo Starter
PhantomBuster Chaining LinkedIn actions together: profile visits, connection requests, list exports No sending. Cloud automations, CSV export See vendor page
Apollo Buying access to a rented contact database rather than sourcing your own Per-seat sending, shared infrastructure $49 to $119 per user/mo
Clay Enrichment waterfalls that stack several data vendors behind one table Enrichment. Sending through integrations Free, then about $185/mo

Prices read from each vendor's own published pricing page in July 2026: LinkedIn's Sales Navigator compare-plans page, apify.com/pricing, and apollo.io. PhantomBuster's pricing page renders in the browser and returns no figure to a plain request, so no number is quoted for it here rather than repeating one from a blog post. Verify before you buy.

Run this with ColdMailer

Connect your SMTP, let AI personalize every email, and start landing in the inbox. Your first 100 emails a month are free.

How it works

How to use a LinkedIn scraper without wrecking your domain

1

Scope the search before you scrape anything

A list of 400 people who match a real buying trigger beats 40,000 who share a job title. Filter by seniority, headcount band, industry, and geography first. Every unqualified row you scrape becomes a bounce, an ignore, or a spam complaint later.

2

Extract the fields you will actually write about

Title, company, headcount, and a recent post or role change are what personalization runs on. Scraping fifty fields you never reference in an email is data collection theater.

3

Infer, then verify, every address

Pattern inference produces a candidate. An SMTP check tells you whether the mailbox exists. Send only to what verifies, park the catch-all domains, and discard the rest. This one step is the difference between a 1 percent and an 8 percent bounce rate.

4

Send from mailboxes built for it

Never from your company domain. Buy two or three lookalike domains, run two or three mailboxes on each, warm them for a fortnight, then send 30 to 50 per mailbox per day with stop-on-reply follow-ups.

Is LinkedIn scraping legal?

Scraping publicly visible LinkedIn profiles is not, on its own, a federal computer crime in the United States. In hiQ Labs v. LinkedIn the Ninth Circuit held in April 2022 that scraping data a site publishes to the world does not amount to accessing a computer "without authorization" under the Computer Fraud and Abuse Act, building on the Supreme Court's narrowing of the CFAA in Van Buren in 2021.

That is the headline, and it is where most articles stop. The ending matters more. hiQ won the CFAA argument and still lost the case, because scraping while logged in breached LinkedIn's User Agreement. In the December 2022 consent judgment hiQ accepted a permanent injunction, destroyed the data, and paid $500,000. Contract law did what criminal law would not. Separately, CAN-SPAM governs the email you send, and the CCPA and CPRA govern how you handle a California resident's personal information, including the notice you owe them. The B2B carve-out in the CPRA expired at the start of 2023. We wrote the whole picture up in is LinkedIn scraping legal, table included. None of this is legal advice.

Can you get banned for scraping LinkedIn?

Yes. This is the honest answer and it applies to every tool in this category, ColdMailer included. LinkedIn's User Agreement prohibits automated access, and LinkedIn enforces it at the account level with rate limiting, challenges, temporary restrictions, and permanent bans. The risk is a function of speed and volume: hundreds of profile views an hour from one session looks nothing like a human, and that is what triggers the flag.

Practical mitigation is boring. Keep daily activity within what a diligent salesperson could plausibly do. Do not run automations from the account that holds your network and your reputation. Treat any account you point automation at as expendable. Nobody who tells you their LinkedIn scraper is undetectable is describing something they control, because the detection happens on LinkedIn's side.

How does a LinkedIn email scraper find email addresses?

It guesses, then it checks. A public LinkedIn profile contains no work email address. What a scraper has is a first name, a last name, and a company. From the company it resolves a mail domain, and from the name it generates the handful of patterns most US companies use: first.last, flast, firstl, first, and a few others. Each candidate is then tested against the receiving mail server, and the one that answers is the one you keep.

Two consequences follow. First, accuracy is a property of the verification step, not the scrape, which is why an unverified scraped list bounces so badly. Second, catch-all domains, which accept mail to any address, cannot be resolved this way and should be held back rather than blasted. If you want the mechanics in detail, see how to scrape LinkedIn emails and our LinkedIn email finder.

What is the best LinkedIn scraper?

It depends on what happens after the CSV lands, which is why the table above is organized around that question rather than around scrape speed. If you are a developer piping profiles into your own system, Apify is a scraper as an API and you should buy that. If you want to chain LinkedIn actions like visits and connection requests, PhantomBuster is built for that. If you never intend to leave LinkedIn at all, Sales Navigator plus manual list building carries no third-party risk.

If the scrape exists so you can email these people, buying a scraper alone means you will next buy a verifier, then a sending tool, then a warmup service, then something to catch replies. That is four bills, four integrations, and four places for the list to go stale. ColdMailer is the case where those four are one system, and it is the only reason to pick it over a dedicated extraction tool.

How many LinkedIn profiles can you scrape per day?

There is no published number, because LinkedIn does not document a scraping allowance for a thing it forbids. What exists in practice is a soft commercial search limit on free accounts, activity thresholds that trigger challenges, and a hard ceiling on how much profile viewing looks human. Community guidance clusters in the low hundreds of profiles per account per day, and the tools that promise thousands are usually rotating accounts or proxies to get there.

The more useful constraint is downstream anyway. If you can only responsibly send 30 to 50 emails per mailbox per day, and you run six mailboxes, you can send about 300 emails a day. Scraping 5,000 profiles a day into a list you cannot email for four months is not a throughput win. It is a stale list. Size the scrape to the sending capacity, not the other way around. See how many cold emails per day for the arithmetic.

What LinkedIn data scraping cannot get you

Being precise about this saves you from buying the wrong tool. A LinkedIn scraper cannot get you a direct dial, because phone numbers are not on the profile. It cannot get you a personal email, and if a vendor supplies one it came from a data broker, not from LinkedIn. It cannot tell you whether the account is researching your category right now, which is what intent data vendors sell. It cannot see people who are not on LinkedIn, which in some US verticals such as construction, trades, and independent healthcare is most of the market.

If any of those four are load-bearing for your motion, a scraper is the wrong purchase and you want a database. That is a real decision with a real answer, and we walk through it on B2B lead generation software and ZoomInfo competitors. Where a scraper wins is control: your filters, your list, your definition of a good prospect, and no per-credit meter running while you think.

The scrape is the cheap part

Teams that struggle with outbound rarely struggle because the extraction failed. They struggle because 4,000 unverified rows went into a sending tool on a domain that also runs payroll, at 400 emails a day from one mailbox, with a merge tag where the personalization was supposed to be. The scrape worked perfectly. Everything after it did not.

Order of operations that survives contact with Gmail: source a tight list, verify every address, write something a human would answer, send it from a warmed mailbox on a domain you can afford to burn, cap the daily volume, stop the sequence on reply, and suppress on opt-out. ColdMailer runs that whole sequence, which is why the LinkedIn scraper is a feature here rather than the product. The product is what happens to the list afterwards. Read cold email deliverability and SMTP email sender next.

Use cases

Who uses LinkedIn scraping this way

1

Agencies running outbound for clients

Every client needs a different list and none of them want to pay for a database seat. Filters change per engagement, and the list belongs to the client at the end.

2

Founder-led sales

The first hundred customers rarely come from a rented database. They come from a search you built yourself because you already know exactly who buys.

3

Recruiters sourcing passive candidates

LinkedIn is the canonical source of who does what, where. The work email is what lets you reach them outside a message request queue they never open.

4

SaaS teams targeting a narrow ICP

When the ICP is 3,000 companies rather than 300,000, a database is mostly wasted rows. A precise scrape is the entire market, and you can enrich it properly.

FAQ

LinkedIn scraper FAQ

Scraping public profile data is not a CFAA violation in the United States after hiQ v. LinkedIn (Ninth Circuit, 2022). It can still breach LinkedIn's User Agreement, which is a contract claim, and hiQ paid $500,000 and destroyed its data in the 2022 consent judgment. CAN-SPAM governs the email itself, and the CPRA governs a California resident's data. Not legal advice. Full breakdown in is LinkedIn scraping legal.
Yes, and every vendor in this category is exposed to the same thing. LinkedIn enforces its automation ban at the account level through rate limits, challenges, restrictions, and permanent bans. Keep activity at human volumes and never point automation at the account that carries your professional network.
No. A public profile displays no work email. Any tool marketed as a LinkedIn email scraper infers the address from the person's name and their employer's mail domain, then verifies it against the receiving server. The verification step, not the scrape, is where accuracy comes from.
Free extensions exist and they work until they do not: they break when LinkedIn changes its markup, they run inside your logged-in session, and they hand you unverified emails. If the list is going to be emailed, the bounce rate from unverified addresses will cost you more than the tool saved.
Inferred addresses that pass an SMTP verification check are typically reliable enough to send to, with bounce rates around 1 to 2 percent. Inferred addresses sent without verification bounce far more, often 8 percent or worse, which is enough to damage a sending domain in a single campaign.
Only the fraction of profile data LinkedIn serves to logged-out visitors, which is deliberately thin and served behind aggressive bot defenses. Meaningful searching and filtering happens behind the login, which is exactly where the User Agreement applies to what you do.
No, but it is the difference between a broad search and a precise one. Sales Navigator's filters (seniority, headcount, geography, hiring signals) are what let you scrape 400 right people instead of 40,000 approximate ones. LinkedIn publishes Core at $119.99 per month or $1,079.88 per year.

Scrape the list, then actually send to it

Source from LinkedIn, verify every address before it enters a campaign, let AI write a distinct opening line for each prospect, and send it all from your own mailboxes. Free to start, no credit card.

No credit card · Bring your own SMTP · Cancel anytime