LinkedIn caught spying on users browsers

You open LinkedIn, scroll a bit, maybe check a job post, and that’s it, right? Not exactly.

A new report suggests LinkedIn has been quietly scanning users’ browsers in the background, checking what extensions you have installed and collecting detailed device info while pages load. And just as you’d expect, it’s raising some eyebrows.

According to findings from Fairlinked and testing confirmed by BleepingComputer, LinkedIn loads a JavaScript script when you visit its site. That script does two main things. First, it check whether certain Chrome extensions are installed by probing known extension IDs.

Second, it collects device-level information like CPU cores, available memory, screen resolution, time zone, language, and battery status.

Why extensions are a big deal here

A large number of the extensions being checked are tools that interact with LinkedIn, especially ones used for sales intelligence, recruiting, and lead generation. Some of them directly compete with LinkedIn’s own products.

The report claims LinkedIn is scanning for hundreds of competing tools, alongside other unrelated extensions.

LinkedIn says it’s about protecting users

LinkedIn says it uses this kind of scanning to detect extensions that scrape data or violate its terms of service. In other words, it is trying to protect user data, platform integrity, and system stability.

The company also says it does not use this data to infer sensitive personal information.

Even with that explanation, the scale of the scanning is what stands out. Checking for thousands of extensions, plus collecting device-level data, falls into a category known as browser fingerprinting.

That’s a technique used to build a unique profile of a device based on its configuration.

And because LinkedIn accounts are tied to real identities, that kind of data can potentially be linked back to specific individuals.