Skip to main content

This is the scam 100,000 Instagram users fell for – and how you can avoid it

Over 100,000 Instagram users recently fell victim to a scam, giving up their passwords and accidentally ceding control of their accounts to a tricky Swedish botnet called Instlike. 

Instlike tricked people because it looked legitimate. Philip Cristofar, a digital director at Volontaire, documented his experience with the tricky app, noting that he downloaded it because it had a bunch of real-looking positive user reviews. He discovered that the reason it had so many positive reviews is that the app gives you 100 free coins if you rate it in the App Store. That only equals $1 so apparently a lot of users have a very low going rate to be shills. 

Recommended Videos

But despite the positive reviews, Instlike is up to no good. You sign up and it’s supposed to deliver “likes” to your Instagram photos — something people are willing to pay money for, as we found when we documented the market for fake Instagram likes. But it doesn’t just get you likes — the app also likes the photographs of others from your account.

Now, this network of automated liking isn’t nefarious in and of itself, although it does suggest that people care more about outward manifestations of social affirmation than the sentiment behind them, which is both sad and totally believable. People are willing to relinquish control of their account to allow a bot to randomly like the photos of others in return for other automated likes. I’d be a little worried the bot was liking stuff I found terrible, but I suppose the users of Instlike don’t share that concern, or their desire for a surplus of likes on their own photos outweighs the possibly unsavory photos they’re endorsing. But even though I find that line of thinking hard to understand, that’s not the scam. 

Here’s where Instlike gets fishier than a pound of pickled herring: it doesn’t use the Instagram API for all of this, so it asks users for their username and password and is really just logging into their accounts remotely. And Instlike shares the bloody politics of a drug cartel: you can’t just leave. Even if you get rid of the app, users have reported that they still end up liking the photos of strangers. Once an Instliker, always an Instliker. 

The good news is if you didn’t download Instlike, it’s no longer around. It was recently removed from the App Store and the Google Play Store, so if you haven’t already fallen victim, you should be in the clear. But keep on the lookout for anything developed by Anton Lobovkin, who was behind this bot. 

But what about avoiding apps like Instlike? If you’re going to download an app that allows you to get random likes from others in exchange for random likes from you, you’re going down a dark path. But whatever kind of dumb app you’re downloading, NEVER GIVE YOUR PASSWORD. Legitimate apps don’t need to know your password. You can even make this tip into an acronym: NGYP. Not as catchy as YOLO but definitely effective at avoiding scams. 

Kate Knibbs
Former Contributor
Kate Knibbs is a writer from Chicago. She is very happy that her borderline-unhealthy Internet habits are rewarded with a…
Bluesky finally adds a feature many had been waiting for
A blue sky with clouds.

Bluesky has been making a lot of progress in recent months by simplifying the process to sign up while at the same time rolling out a steady stream of new features.

As part of those continuing efforts, the social media app has just announced that users can now send direct messages (DMs).

Read more
Reddit just achieved something for the first time in its 20-year history
The Reddit logo.

Reddit’s on a roll. The social media platform has just turned a profit for the first time in its 20-year history, and now boasts a record 97.2 million daily active users, marking a year-over-year increase of 47%. A few times during the quarter, the figure topped 100 million, which Reddit CEO and co-founder Steve Huffman said in a letter to shareholders had been a “long-standing milestone” for the site.

The company, which went public in March, announced the news in its third-quarter earnings results on Tuesday.

Read more
Worried about the TikTok ban? This is how it might look on your phone
TikTok splash screen on an Android phone.

The US Supreme Court has decided to uphold a law that would see TikTok banned in the country on January 19. Now, the platform has issued an official statement, confirming that it will indeed shut down unless it gets some emergency relief from the outgoing president.

“Unless the Biden Administration immediately provides a definitive statement to satisfy the most critical service providers assuring non-enforcement, unfortunately TikTok will be forced to go dark on January 19,” said the company soon after the court’s verdict.
So, what does going dark mean?
So, far, there is no official statement on what exactly TikTok means by “going dark.” There is a lot of speculation out there on how exactly the app or website will look once TikTok shutters in the US.

Read more