OnlyFans Creators Disrupt 3-Stage Scam Networks on Government and University Sites
Updated
Updated · Computerworld · Jul 17
OnlyFans Creators Disrupt 3-Stage Scam Networks on Government and University Sites
2 articles · Updated · Computerworld · Jul 17
Summary
OnlyFans creators are using DMCA takedown notices to strip stolen adult content from compromised government and university domains, disrupting scam and malware traffic pipelines tracked by Upguard.
Upguard said the abuse typically runs through a three-stage system: bait pages using stolen content, routing infrastructure that redirects visitors, and destination sites that monetize traffic through scams or malware.
Google classifies the operators as SEO parasites because they exploit the search authority of academic and government websites to rank highly and draw victims.
DMCA filings logged in Google’s Transparency Report and the Lumen Database also help identify likely compromised sites, giving affected institutions a signal to investigate the vulnerabilities that let attackers post the content.
The takedowns remove explicit material from search results and can limit reputational damage for public-sector and university websites while exposing a broader cybercrime tactic built on hijacked trusted domains.