New OnlyFans Vulnerability Allows Scammers to obtain verified Fake Accounts | Ebonynsweet


 Update: 4.22.2020 | 11:48 PM PST

The scammer (@millionaiirdick) has temporarily returned on onlyfans with a new link, but it was swiftly taking down. 

This is the 3rd incident within 72 hours. A reminder that Zaywoah's Official Twitter pages are @imZyiair and backup page @60zyi.

We conducted an investigation and found that (@millionaiirdick) is a bait blogger that has been known on tumblr since 2018. He has stolen hundreds of photos of young boys. Please be careful. There's a high chance that some of his pirated content could be of underage minors.

Today, he stole another video of Zaywoah Voicing his frustration about the situation, and reposted it. Don't be fooled!

⬇ And here is the REAL post (below) ⬇

Avoid these links! ⚠️

Update: 4.21.2020 | 11:48 PM PST
Thank you to everyone that reported the fake page!  We are pleased to report that @millionairdick has been deleted.
We believe that this battle has just begun. The person behind that catfish account is obviously a psycho and will probably strike again. But we are also on the corona lock-down! So, we got plenty of time to spare.

Original Post

4.21.2020 | Editor Stanley M.
We have discovered a Onlyfans Vulnerability that allows scammers to obtain verified accountsfirst by submitting their own personal information during the approval process. And swapping their profile photo with a fake and then editing the display name to mimic other accounts. 


Onlyfans allow users to change their user "display" name located on their profile a multitude of times. As you can see (Above) the scammer millionairdick used his real credentials to pass the approval process. Afterwards, he edited the display name to read "Zaywoah", and then updated a different profile pic and banner.
The Onlyfans administrator(s) don't monitor these changes, unless it's reported. So it would be very easy for a scammer to fool the system defraud hundreds, maybe thousands of people before it's discovered.

Catfish Twitter Page and Stolen flyer
He also stole and edited our promotional flyer that we custom made for Zyiair. He pasted his own tag on-top of our tag.


Check out the graphic seen below. Here is proof that we are the owner and original source of the flyer. We can change the background color, remove or add text and customize the design, something the scammer can't do. We also added a never seen before photo of Zaywoah standing next to his car. The scammer do not have the original PNG files.

 Proof Photo

We had to heavily watermark the graphic (above) to make sure the scammer would have an much hardier time stealing our promotional content again.

The Onlyfans Vulnerability arises from their more relaxed approach to the way verification are processed. Which was meant to help improve marketplace diversity. A measure that we actually advocated for in 2019. The policy change seemed to be working, as more quality black models were getting approved faster. However, that also opened the door for would-be scammers. The number of catfish accounts and bait-shops has sharply risen.

Onlyfans problems over Security can be fixed
We're hoping that this new issue won't become a rampant problem. But, punishment should come swiftly to those found violating U.S. copyright infringement laws and they should be permanently banned by I.P. Address. And their payment system should detect the scammers banking account number and block them from reconnecting to another account.

What are the Solutions
Onlyfans should develop a new policy that allows them to take it a step further and report violators of multiple incidents to their financial institute. Deleting the account, simply isn't enough. They will just keep coming back.

It would also be helpful to block the ability for users to change their display name after the account was verified. And adding an extra level of security that allows a grace period of 5-7 daysplus needing approval by a moderator before changing a profile photo, a policy that works very well on
I have subscribed to over 60 accounts in 3 years and most content creators keep the same name and profile photo for several months or years. Based on our experience, models don't change their profiles too often. However, a scammer would likely change their name several times within a short period of time to mimic various accounts.
The solution can be kinda tricky. Because anytime you remove features or add more restrictions it can be a headache for all other users whom are following the rules. But it's necessary to sacrifice usability for security.

Before the first Fake Zaywoah account was deleted, the scammer had over 80 subscribers and collected tips & fees around a total of $1,000.00. It's unacceptable.

If you love Zaywoah, please make sure you report the fake page @millionairdick by clicking the onlyfans logo below.

And also report the fake twitter page here.

This website is protected by U.S. and International copyright laws. Reproduction and distribution of this blog post without written permission of the owner is prohibited.

No comments:

Powered by Blogger.