Had any weird LinkedIn connections recently? They might not actually be people, but rather profile-sniffing “bots” that create fake user profiles in order to gain access to legitimate profile information. It’s a sneaky, underhanded way to build a recruiting business, and LinkedIn is trying to stop it with a lawsuit.

The problem is…it may not actually be illegal.

According to a lawsuit filed by business social networking site LinkedIn, certain “John Doe” companies are stealing the profiles of hundreds of thousands of LinkedIn users in order to launch recruiting and job services that are ultimately competitive to LinkedIn’s own recruiting service. LinkedIn’s lawsuit, filed this week in San Francisco, is asking the court to grant orders that will stop these shadowy operators from “scraping” LinkedIn’s servers. It also asks the court to make these unknown defendants pay damages for allegedly breaching federal laws and wasting LinkedIn’s time and IT resources.

If it seems problematic that LinkedIn doesn’t even know who it’s suing, the company is hoping that the lawsuit will allow it to embark on a mission of discovery. The company plans to issue discovery orders to Amazon Web Services, which the defendants are using to create and store information related to the fake profiles, according to GigaOm. Amazon itself is not named as a defendant in the suit. The practice has reportedly been going on since May of last year, according to the lawsuit.

Welcome to the shadowy world of Web services law, where it’s a bit of a digital wild, wild west. Just as it wasn’t technically illegal for all those Napster users to share music on a peer-to-peer basis in the 1990s (although it is now), it’s not technically illegal to copy information from a website. Where LinkedIn thinks it has a legal leg to stand on is that the practice violates the terms of its own user agreement and MAY violate the Computer Fraud and Abuse Act and the Digital Millenium Copyright Act (DMCA). Of course, those laws have always been open to interpretation by courts, and have even resulted in conflicting court rulings.

In the meantime, LinkedIn has been wildly scrambling to delete profiles determined to be faked and to put in place “additional technical protection barriers,” according to the lawsuit. Find a copy of the full lawsuit here.

It’s not the first time that fake users have threatened a technology company. When microblogging site Twitter issued the prospectus prior to its November 2013 initial public offering (IPO), the company noted that fake accounts created for the purpose of spamming was a real risk factor that could “hurt our reputation for delivering relevant content or reduce user growth and user engagement and result in continuing operational cost to us.”