← back to blog

Buying aged PVAs vs growing accounts in-house

Buying aged PVAs vs growing accounts in-house

the question comes up every few weeks in operator circles: is it worth spending $15 on an aged Facebook account, or should you spin up fresh ones and warm them yourself? on the surface it sounds like a simple cost-benefit calculation. in practice, it depends on the platform, what your operation looks like, and how much you trust your supplier. i’ve run both approaches across different campaigns and neither is universally better. what matters is understanding what you’re actually paying for, what the risks look like at each stage, and where each approach breaks down.

if you buy a hundred aged accounts and they all checkpoint on day one because the supplier recycled them through three operations before yours, you’ve wasted money and blown your warmup window. if you try to grow everything in-house on a platform with aggressive new-account friction, you’ll spend weeks babysitting accounts that never reach useful trust levels. getting this decision wrong affects velocity, reliability, and whether your operation can scale.

this piece assumes you understand phone verification basics, know what a warmup sequence looks like, and have run at least a small-scale multi-account operation before. i’m not going to explain what a PVA is. i’m going to tell you what actually differentiates a useful aged account from a liability, and when growing in-house makes more operational sense despite the time cost.

background and prior art

the market for aged accounts has existed as long as platforms have had meaningful trust tiers. the basic insight, documented in platform trust research including Meta’s own coordinated inauthentic behavior reports, is that account age and activity history correlate strongly with reduced friction on posting, advertising, joining groups, and messaging. platforms use age as a proxy for legitimacy because it’s expensive to fake at scale over a long time window.

the PVA supplier ecosystem grew to meet demand from affiliate marketers and grey-market operators who needed trust signals without the time investment. the Stanford Internet Observatory documented several of these networks, noting that the supply chain often involves real humans creating accounts organically before selling them after aging, or automated farms with residential IP rotation that mimic organic behavior. both exist. quality varies enormously.

the in-house growth approach is less glamorous: register accounts, warm them manually or with automation, build history over weeks or months. you control the entire behavioral fingerprint from day one. the disadvantage is obvious: time. for operations that need fifty accounts this week, in-house growth is often not a viable primary strategy.

the core mechanism

what does “aged” actually mean in trust terms? it’s not just the registration date. platforms weight several signals:

account age since creation. a two-year-old account has survived multiple platform enforcement sweeps. an account created in 2021 and still active in 2026 has passed more checkpoints than one created in early 2025.

behavioral continuity. was there consistent low-level activity, or gaps followed by a burst? platforms flag dormant accounts that suddenly become active. an aged account that went dark for a year will often behave more like a new account in terms of action limits, even if the registration date says 2022.

device and IP fingerprint history. this is where most buyers miss the point. if a 2021 account was created from one residential IP in Manila and you’re logging into it from a Singapore datacenter proxy, the age signal is partially offset by the environmental mismatch. you need to match the geographic profile of the account or the trust transfer is degraded.

phone number status. a phone-verified account is more trusted than email-only, but the verification phone matters. if the number has been recycled through ten accounts, platforms increasingly flag it. quality suppliers use dedicated SIM pools; cheap bulk suppliers reuse numbers heavily.

the in-house growth mechanism builds trust rather than buying it. the advantage is clean provenance: you know exactly what device profile the account was created on, you control IP consistency, and you can build behavioral history that matches your intended use case. a general-purpose aged account from a supplier may have no relevant activity history for your specific use case.

the key variable operators underweight is action limits relative to warmup state. a freshly bought aged account still needs a warmup period before high-frequency activity. the age extends how aggressive you can be in warmup, but doesn’t eliminate it. i’ve seen operators buy expensive aged accounts and immediately run them at full clip, treating age as a substitute for warmup. they burn through accounts in days.

worked examples

example 1: Facebook ads account farm, 50 accounts at scale

a Singapore-based operator trialed both approaches in Q3 2025. they bought 50 aged Facebook accounts (2-3 years old, US-based profiles) from a mid-tier supplier at $18-22 each, total around $950. they also grew 50 accounts in-house over eight weeks using US residential proxies and a manual warmup sequence with real device fingerprints via an antidetect browser.

results after 90 days: bought accounts had a 34% first-month checkpoint rate. of the 33 that survived, roughly 20 reached ad-running capability. effective cost per usable account: ~$47. in-house accounts had a 12% checkpoint rate. of the 44 that survived, 38 reached ad-running capability. cash cost per usable account was lower in-house, but time cost was much higher: roughly 12 hours of operator time across the batch.

the conclusion: at their scale, buying aged accounts and accepting the attrition made more sense because operator time was the real bottleneck. if they had spare warmup capacity, in-house would win on unit economics.

example 2: Reddit karma farming for link-building

reddit penalizes new accounts heavily. accounts under 90 days old and under roughly 100 karma have almost no ability to post in major subreddits without hitting automod. reddit’s own content policy doesn’t specify karma thresholds, but community-level automod rules across large subreddits are well-documented by moderators.

for a content operation targeting SEO link placement in finance subreddits, buying aged accounts with 1000+ karma at $8-15 each was far more practical than growing from zero. the platform’s friction against new accounts is steep enough that in-house would have required 3-4 months of active participation per account. the bought accounts had the karma and age signals needed to post immediately. the operator sourced from a supplier who showed account activity screenshots before sale, filtering out the worst recycled inventory.

example 3: TikTok creator accounts for a white-label growth agency

this is a case where in-house won clearly. the agency was building a TikTok account pool to seed engagement on client content. TikTok’s trust model is heavily device-fingerprint weighted, and TikTok’s community guidelines enforcement patterns suggest strong sensitivity to account takeover signals,an account suddenly operating from a different device than it was created on.

bought aged TikTok accounts had a ~50% early-action failure rate, largely because the device/IP mismatch triggered soft bans within the first week. the agency switched to growing in-house using Android emulators with randomized device fingerprints, registered on mobile data SIMs, held for 45 days before use. the in-house accounts had much better longevity. on platforms where device fingerprint continuity matters more than registration age, buying gives you less of what you’re paying for.

edge cases and failure modes

recycled account inventory. a supplier sells the same pool to multiple buyers, or sells accounts already through one failed operation. partially detect this by checking activity gaps, friend list patterns, and asking for account history documentation. most suppliers won’t provide it, which tells you something. the only real protection is testing a small batch before committing to volume.

geographic mismatch degrading trust transfer. running a US-profile account through a non-US IP partially defeats the purpose of the age. match your proxy geography to the account’s apparent origin. a good supplier will tell you the registration region; use proxies from that region for the warmup transition.

warmup skipping. operators assume “aged” means “ready to use.” it doesn’t. even a legitimate five-year-old account needs a transition period after login from a new device. i typically run a 7-14 day warmup even on aged accounts before escalating to the actions i actually want to perform.

supplier quality degradation. the PVA supplier market is not stable. suppliers who delivered quality inventory in 2023 may be delivering garbage in 2026 because their original farms were banned. always revalidate on a small batch before large orders, even with suppliers you’ve used before.

in-house scaling bottlenecks. growing in-house doesn’t scale linearly. the first ten accounts are manageable manually. at fifty, you need automation tooling. at two hundred, you need a full warmup pipeline with antidetect browsers, proxy rotation, and behavioral scripts. operators often underestimate this overhead when comparing in-house economics to buying. if you want a detailed look at the antidetect browser landscape, antidetectreview.org covers the major platforms in depth.

what we learned in production

the buy vs grow framing is a false choice for most mature operations. what works is a hybrid: maintain a small in-house growth pipeline for your core, high-value account pool, and supplement with bought aged accounts for surge capacity or platforms where growing from scratch is prohibitively slow. the in-house pool gives you reliable, well-characterized accounts you can push harder. the bought accounts are surge inventory you treat as semi-disposable.

proxy layer quality matters as much as account quality. excellent aged accounts burn quickly on flagged proxies, and mediocre bought accounts survive longer on clean residential IPs with good geographic matching. if you’re not thinking about proxy quality as a first-order variable, the proxyscraping.org proxy guides cover what “clean” actually means in residential proxy terms. account quality and proxy quality are co-dependencies, not independent variables.

cost comparisons must account for replacement rate. in-house accounts, done right, replace at roughly 10% annually. bought accounts, in my experience, replace at around 40% annually. over a 12-month horizon the economics of in-house look much better even with the upfront time cost. model the full lifecycle, not just per-account acquisition cost.

for platforms where the barrier to useful trust is measured in weeks, lean toward in-house. for platforms where the karma, age, or follower thresholds are measured in years of organic activity, buying is usually right as long as you’re disciplined about supplier vetting and warmup. estimate the time to utility in-house, estimate the cost and attrition of buying, and compare against your actual constraints. the mistake is picking an approach out of habit rather than matching it to the specific platform and scale.

for more on structuring multi-account operations at scale, the multiaccountops.com blog index covers warmup sequencing, browser fingerprinting, and platform-specific tactics in detail. for airdrop or testnet farming specifically, the approach differs from social media operations, and airdropfarming.org has practitioner-level write-ups on that vertical. for deeper coverage of warmup mechanics, see our account warming guide and the antidetect browser setup tutorial on this site.

references and further reading

Written by Xavier Fok

disclosure: this article may contain affiliate links. if you buy through them we may earn a commission at no extra cost to you. verdicts are independent of payouts. last reviewed by Xavier Fok on 2026-05-19.

need infra for this today?

cloud phones
cloudf.one

real Android phones in a SG datacenter. run Telegram on persistent hardware with a real mobile IP. free trial.

try a cloud phone →
mobile proxies
SingaporeMobileProxy

real 4G/5G IPs from Singtel, M1, Starhub. for Telegram on desktop, app automation, or scraping. from $35/mo.

get a mobile IP →