OFM Databank
The OFM Scammer Directory: Every Flagged Handle, Tactic, and Red Flag — All in One Place

Other

The OFM Scammer Directory: Every Flagged Handle, Tactic, and Red Flag — All in One Place

One operator lost $1,400. Another got their model's account loaded with illegal content. Here is every flagged name, trick, and tell the community has surfaced — organized so you can actually use it.

Updated Jun 2026 · sourced from 17 YouTube creators and 8 operator groups

Key takeaways

  • Real @btzofm never DMs you — any BTZ account that slides into your inbox is an impersonator.
  • The uppercase-I-for-lowercase-L trick fools more operators than you'd think; verify character by character.
  • Chatter payment scams follow a pattern: good first week, ghost on payday.
  • Fake marketplaces (OnlyFinder, Oura) are a recurring vector — no legitimate marketplace exists there.
  • Always create the middleman group yourself; never join one a stranger built.

Someone just paid $900 for a "BTZ-sourced" account. The seller had the right profile picture, the right bio, and a username that looked exactly right — until you held it up to the light and noticed the lowercase L was actually an uppercase I.

The account is gone. So is the $900.

This is the OFM scam economy in miniature: low-effort, high-yield, and almost entirely preventable if you know the playbook in advance. Below is every flagged handle, tactic, and structural red flag that operators have surfaced across multiple groups between late 2025 and mid-2026.

Two tiers of evidence — named, publicly citable sources marked [Y#], and anonymous operator chatter attributed only by approximate date range. Never blurred.


The Impersonation Playbook Nobody Talks About Clearly Enough

The most documented scam vector in OFM isn't phishing. It's homoglyph fraud — swapping visually identical characters to clone a trusted username.

The anchor example is @btzofficiai versus @btzofm. The fake account replaces the lowercase L in "official" with an uppercase I.

On most mobile fonts they are indistinguishable. Multiple separate operator groups flagged this specific account across a span running from late 2025 through mid-2026, with reports landing in at least five distinct periods.

The consensus is unambiguous: the real account is @btzofm, it has never sent an unsolicited DM, and it has never directly sold anything. The recommended middleman is @marshal.

When using a middleman, operators consistently emphasize one rule: you create the group yourself, then verify that both @btzofm and @marshal appear in the username field — not just the bio, which anyone can edit.

The same character-swap technique appears on a second flagged handle: @iiquidback mimicking @liquidback. Reports from two separate groups in early 2026 confirm the pattern.

The mechanics are identical — clone the appearance, exploit the font, collect payment, vanish.

The one-sentence rule: Verify every username character-by-character, on desktop, before any money moves.


The Named Handles: What Each One Did

Below are every flagged individual handle surfaced in operator chatter. These are unverified community reports — single or limited sources, not proven fact.

Treat them as due-diligence inputs, not convictions.

Payment / chatter fraud (operators ghosting on payday):

  • @GunnersMA — Reportedly ran a chatter operation, generated $9,300 in sales over three weeks, then refused to pay the chatter their $950 cut. One group, mid-2026.
  • @noah1zero — Alleged pattern: recruits chatters, lets them work, then logs them out of the account on payday and goes silent. One group, April 2026.
  • @DBALB1 — Reported to ghost chatters on payday while running an AI model under the name "Nina Noir." One group, April 2026.
  • @GunnersMA, @DBALB1, and @noah1zero share the same structural scam: the work is real, the payment never comes. This three-point corroboration on the same mechanic — if not the same person — is the pattern to watch.

Fake traffic / account sellers:

  • @tosyme / @mmtosy — Reported by one group (April 2026) to sell fake traffic that triggers OnlyFans chargebacks, with one operator citing $2,000 charged back. They allegedly use secondary accounts to post fake positive reviews. One source — treat with caution, but the chargeback mechanic is plausible and worth flagging.
  • @markv777444 (reportedly an alt of @mmrayh) — Flagged as an "account-eater" by one group in May 2026. One source, single group.
  • @Philip_R / @Philip_rdg — Reported by one group in June 2026: took $100 in crypto for warmed NSFW accounts plus marketing, delivered nothing, then gaslit the buyer when confronted. One source.
  • @curl_bryant1 (now operating as @ofm_davis) — Reported to sell fake model contracts, pose as the model during negotiation, then block after receiving payment of approximately €300. One group, March 2026. The rebrand to @ofm_davis is the tell to watch.
  • igmassdms / Henry (also seen as @igmassdm, @floan) — Flagged by one group in April 2026. Multi-alias operation is the structural red flag here regardless of the underlying claim.
  • @Btcusdkuwait and @dirhamOfmm — Named together in a scam warning from one group in early 2026. One source each.
  • @leng23334 (display name: "pitri") — Flagged by two entries from the same group across February 2026. Limited corroboration but repeat flags in the same community.
  • CHRIS_ACCTS — Flagged for selling TikTok accounts in early 2026 by one group. Demand proof of stock before any conversation about payment.
  • StardustNexus, Chrisodyssey / Chrisofm24 — Named alongside a phone number each in one group's May 2026 warning. One source.

The exit scam:

  • @Littesttelly — Reported to have exit-scammed approximately $350 and, more seriously, allegedly placed illegal content on a model's account. One group, March 2026. The illegal-content allegation is the most dangerous variant here — it creates liability for the model, not just financial loss for the operator.

Fake marketplace / fake identity checks:

  • @DropzyWorld / @DropzyWorldOF — Reported by one group in January 2026 to pose as a CupidBot moderator running fake "identity verification checks." Classic social-engineering: borrow the authority of a known service, invent a process, extract information or payment.
  • OnlyFinder fake sellers — Multiple groups note that OnlyFinder only sells ranking and ad placement on its own site. Anyone DMing to sell OnlyFans accounts through OnlyFinder is running a scam; the platform has no such marketplace.
  • Oura fake marketplace — Two separate groups flag this: Oura has no marketplace. Any account claiming access to one is an impersonator.
  • @promuke ("Villain") — Reported to have taken $1,400 from an operator in April 2026, one group. One source.

Structural Scam Mechanics (Beyond Named Handles)

Individual handles come and go. The mechanics underneath them don't.

The middleman substitution: A scammer pushes their own "trusted" middleman rather than letting you create the group. The moment someone else builds the MM group, you have lost verification control.

Operators across multiple groups, spanning late 2025 through mid-2026, consistently name @marshal, @laugh, @bluemm, and @henri77 as community-vetted options — while warning that anyone steering you toward an unknown middleman is likely running the substitution play.

Pay-before-receive: A Reddit account buyer reported paying for logins before receiving them, then getting blocked. One group, late 2025.

The fix is trivially simple: middleman holds funds in escrow until credentials are confirmed live.

The fake chargeback trap: The alleged @tosyme mechanic — sell traffic you know is low-quality or bot-driven, let the chargebacks hit the operator's OF account, walk away clean. The operator absorbs the platform penalty; the seller already has the money.

Telegram group infiltration: One group reported a three-month surge in join requests from accounts with no shared OFM groups — consistent with a leaked invite link being circulated or someone harvesting community membership lists (early 2026). There was also a separate rumored Telegram exploit targeting groups and channels with profile pictures, with some operators removing profile photos as a precaution — one group, early 2026.

Unverified, but worth tracking.


Where Operators Disagree

Not every signal in this space points the same direction. Surfacing conflict is the job.

On BTZ's middleman @marshal: Multiple operator groups across at least five separate date windows name @marshal as the legitimate BTZ intermediary. No group contradicts this directly.

However, the very trust attached to @marshal's name makes it a secondary impersonation target — and none of the evidence confirms an independent verification method beyond username-level checking. Treat it as the best available option, not a guarantee.

On platform viability for traffic: One group (early 2026) rates Reddit plus aged Twitter as the most stable OFM traffic foundation. A vetted creator (TDM Business (OFM), Dec 2025) assessed dating apps (Tinder, Bumble) as essentially dead for OFM in 2025 after spending hundreds of thousands building infrastructure that gets killed within minutes.

A second vetted source (Will Mammone, Oct 2025) (Will Mammone, Oct 2025) corroborates the unsustainability — loopholes close in two weeks. Yet a third group notes that Tinder delivers roughly 99% of its traffic from the account's creation city, which some operators still find operationally useful for hyper-local targeting.

The disagreement isn't really about whether dating apps are risky — everyone agrees they are — it's about whether that risk-reward still pencils out for specific use cases.

On platform trust scores: One group (May 2026) reports that platforms are moving toward overall account trust scores rather than per-action flagging, and that this is already active on X with Meta heading there. No vetted source has confirmed this directly.

It aligns with observable ban patterns but remains one unverified data point.


The Bot-Bouncer Check Nobody Mentions

Before you buy any account, run the username through the bot bouncer subreddit search. One group flagged this in early 2026 as a baseline verification step that most operators skip.

One source — but it costs nothing and takes thirty seconds.


Platform-Specific Technical Scam Vectors

Not all scams involve a named person taking your money. Some are technical traps that cost you accounts instead.

  • Crane app cloner on Bumble — Flagged by one group as triggering platform detection; a dedicated phone plus US SIM per account is the safer path.
  • Data-center proxies — Multiple operators and a vetted source (faceless francis ofm, Feb 2026) (faceless francis ofm, Feb 2026) converge on the same point: data-center IPs are high-detection-risk. Vendors selling "OFM-optimized" data-center proxy packages are, in effect, selling you a faster path to bans.
  • Geelark mass bans on Tinder — One group reported a ban wave in May 2026 hitting all Tinder accounts running on Geelark, including week-old accounts. One source, recent.
  • link.me redirects — One group flagged that link.me redirects are now detected and restricted on certain platforms, not just direct OnlyFans URLs. If your funnel relies on a redirect layer, audit it.
  • @snap2006-style Threads bio hooks — A vetted source confirms this tactic is deprecated and likely flagged as spam by Threads moderation. (habibi, Jan 2025) Vendors still selling "Threads bio optimization" built around age-signal hooks are selling a dead tactic.

The Practical Bottom Line

The scam economy in OFM has a clear structure. Impersonators exploit font-level character ambiguity.

Fake traffic sellers weaponize OF's chargeback system against the buyer. Chatter payment fraud follows a reliable arc — productive first weeks, ghost on payday.

Fake marketplaces borrow the names of real platforms to manufacture false legitimacy.

The countermeasures are equally clear:

  • Verify usernames character-by-character on desktop before any transaction.
  • Create the middleman group yourself. Never join one a stranger assembled.
  • No upfront payment without escrow. The moment someone resists a middleman, the conversation is over.
  • Demand working proof before paying for accounts, traffic, or contracts. Screenshots are free to fake; live screen-shares are not.
  • Run the username through the bot bouncer subreddit as a baseline check on any account purchase.
  • If an offer comes with urgency — a countdown, a "limited slots" pitch, pressure to skip verification — that urgency is the scam mechanic. Real opportunities don't require you to skip due diligence. [g6, April 2026]

The list above will date. The mechanics underneath it won't.

Know the pattern, not just the names.

Sources

On the record (YouTube creators):

  • habibiOnlyfans THREADS Strategy OCT 2025**, Jan 2025. Watch ↗
  • faceless francis ofmHow a $1M/Month OnlyFans Management Agency Actually Works (Full Breakdown), Feb 2026. Watch ↗
  • TDM Business (OFM)The Ultimate Social Media Tier List for OFM 2025, Dec 2025. Watch ↗
  • Will MammoneThe ACTUAL Best Traffic Method For OnlyFans Creators (forever), Oct 2025. Watch ↗

Community intelligence: 54 operator claims aggregated from 8 separate private OFM groups (Dec 2025–Jun 2026), corroboration counted across groups. Group identities are withheld to protect sources; browse the underlying intel in the Community Intel Wiki.