How to Find Someone's Email From LinkedIn (Without Breaking Any Rules)
LinkedIn profiles rarely display email addresses — but they reliably provide the three inputs that derive one: full name, current company (hence domain), and seniority. The standard workflow is pattern-plus-verification: generate the likely formats for that company's domain and confirm the live one with SMTP verification. No scraping, no login-wall games, no guesswork sends.
Method 1: pattern + verify (works for almost everyone)
From a profile you know the person is Jane Doe at Acme Corp (acmecorp.com). Most companies standardize one address format, so the search space is tiny:
- Generate the candidates —
jane.doe@,jdoe@,jane@,doej@— with our email permutator; the common formats and their relative frequency are covered in email address formats. - Verify which candidate is real with SMTP verification — the sendless handshake confirms a mailbox without sending anything.
- Corroborate the format: one colleague's known address (a press contact, a conference speaker list) reveals the whole company's pattern.
The one complication is catch-all domains, where every candidate "verifies" — there, corroboration and controlled-volume sending take over.
Method 2: finder tools with LinkedIn workflows
Commercial email finders maintain databases keyed to people and companies; most offer extensions that surface a verified address while you view a profile. Accuracy and coverage vary widely — our tools comparison tested the major ones — and the practical tradeoff is cost per find versus the free pattern workflow above. For volume prospecting, tools win on speed; for a handful of high-value contacts, pattern-plus-verify costs nothing.
Method 3: what's already public
Before any tooling: the contact-info panel on the profile itself (some people list emails), company websites, personal sites linked from the profile, and conference/podcast/GitHub footprints. The Google operators guide turns this into a five-minute systematic check.
The rules worth not breaking
- Don't scrape LinkedIn logged in — automated collection through an account breaches the User Agreement you accepted; that's precisely how hiQ lost despite winning its famous case. The full legal picture is at our sibling site: is it legal to scrape LinkedIn?
- Deriving a work email is lawful B2B practice in the US, and defensible under GDPR legitimate interest for relevant professional outreach — the obligations that come with it are covered in is it legal to find someone's email.
- Verify before sending, always: guessed-and-unverified addresses mean bounces, and bounces damage the domain that sends them.
At prospecting volume, doing this person-by-person is the bottleneck. Platforms like Sales.co short-circuit the whole workflow — verified B2B addresses matched to role and company filters, so the LinkedIn-to-email step happens at the data layer instead of one profile at a time.