LinkedIn, the world’s largest professional network and a Microsoft subsidiary, has filed a lawsuit against ProAPIs Inc. and its founder and CTO, Rehmat Alam, accusing them of creating over 1 million fake accounts to scrape user data without authorization.
The platform seeks a permanent injunction to stop ProAPIs from accessing its systems, the deletion of all scraped data, and financial compensation for the illegal activities.
What Is Scraping, and Why Is It a Problem?
Scraping involves using bots, scripts, or fake accounts to automatically extract data from websites. While some data may be publicly visible, large-scale scraping violates LinkedIn’s Terms of Service, especially when done for commercial purposes or resale.
Scraping often leads to data leaks, phishing campaigns, identity theft, and social engineering attacks. LinkedIn has emphasized that automated mass data collection is not the same as “legitimate public access,” as it infringes on users’ privacy and opens the door to misuse of professional information.
The Lawsuit: LinkedIn vs. ProAPIs
According to court filings, LinkedIn alleges that ProAPIs, a Delaware-registered company, operated an API platform called iScraper, which sold real-time access to LinkedIn profile data via monthly subscriptions as high as $15,000.
The API reportedly handled up to 150 requests per second, revealing the industrial scale of its operations.
Founder Rehmat Alam is also accused of using fraudulent credit cards to register LinkedIn Premium accounts and bypass payment controls, gaining access to more profile data while evading detection.
The complaint also mentions the involvement of Netswift, a Pakistan-based technical partner, that helped keep the fake accounts and scraping infrastructure running.
Read more: Fake Telegram Apps Infect Android Devices Through Phishing Sites
LinkedIn’s Official Statement
Sarah Wight, LinkedIn’s VP of Legal, reaffirmed the company’s commitment to protecting user data:
“We continue to invest in advanced technology and dedicated teams to stop unauthorized data scraping. When necessary, we take aggressive legal action to prevent the misuse of our members’ information.”
Wight also pointed out that LinkedIn has already won multiple lawsuits against similar scraping operations, including a recent legal victory over ProxyCurl, another mass data harvesting service.
Legal Remedies Sought by LinkedIn
Filed in a California court, LinkedIn’s complaint demands:
- A permanent injunction preventing ProAPIs from accessing or collecting LinkedIn data
- Immediate deletion of all scraped data
- Financial damages and punitive penalties
- Reimbursement of all legal fees and court costs
LinkedIn also asked the court to recognize these actions as a blatant violation of their Terms of Service, setting a precedent against future scraping attempts.
Global Scraping: A Growing Challenge
Scraping is not new, but its scale has exploded thanks to automation and AI. Malicious actors and shady businesses use scraping to:
- Build fake marketing databases
- Assemble shadow profiles of users for sale
- Fuel phishing and identity theft campaigns
With over 1 billion users, LinkedIn remains a prime target. In 2022, the company introduced three new layers of protection, including:
- Bot detection algorithms
- Stricter account verification
- Enhanced fake account monitoring
Despite this, scrapers like ProAPIs adapt quickly, using realistic fake identities to bypass controls.
Why This Case Matters
This lawsuit has wider implications for digital ethics and data privacy. Even if LinkedIn data appears public, using it without consent for commercial gain violates users’ trust and can lead to:
- Sensitive data exposure (e.g., emails, job history)
- Targeted social engineering attacks
- Reputational risk for affected professionals
At TecnetOne, we believe this underscores the need for proactive cybersecurity, including threat monitoring and advanced fraud detection.
Similar titles: New WhatsApp Scam Steals Chats and Takes Full Control of Your Account
How to Protect Yourself From Scraping and Fake Accounts
Even with platform-level protections, you can take steps to guard your digital identity:
- Adjust your profile visibility – Limit who can view your data
- Avoid sharing sensitive info – Even small details can be scraped
- Report suspicious accounts – Especially those showing automated behavior
- Enable multi-factor authentication (MFA) – Stop account takeovers
- Use digital identity monitoring tools – Be alerted if your data is used elsewhere
TecnetOne helps organizations detect scraping bots, automate anomaly detection, and build secure privacy frameworks that limit exposure.
Final Thoughts
The LinkedIn vs. ProAPIs case is a reminder of how data theft has become industrialized. Today, cybersecurity is not just about firewalls and passwords—it’s about protecting the integrity of your data and the trust users place in your digital platforms.
As LinkedIn pursues legal action, the message is clear: unauthorized use of personal data will not go unpunished.
At TecnetOne, we support that vision. We believe innovation must be built on a foundation of digital ethics, transparency, and user privacy. Because protecting your data is not just a compliance issue—it’s a responsibility.