Beware Mysterious Mandy, the New Wrong- Number Phisher
Over the last few weeks, more Americans are being hit with mysterious wrong-number scam text messages from a strange blonde woman, since dubbed the Wrong-Number Phisher by some media outlets. She goes by several names—sometimes Amanda, or just Mandy—and slides into your inbox with a text that appears to be to the wrong number. When the target points out the mistake, the mysterious Mandy acts embarrassed, and attempts to strike up a conversation with the target. The purpose is to convince the target to sign up for adult websites in order to view nude photos of Mandy, after which point the phishers will have all the information necessary to scam the target out of hundreds, if not thousands.
The wrong-number scam is so organically scripted that its level of verisimilitude is almost staggering—so much so that it managed to fool one of our seasoned blog writers. Despite writing regularly on phishing scams and other black hat techniques, even the most experienced professional would initially consider this to be a genuine misunderstanding. The message starts out, “Hey is this____?” often using a variety of names, “its Amanda,,, we chatted on tnder before when I cam up to visit my aunt but we never met in person..i’m back in town rn if you wanted to actually go out this time, r you free?” From the use of commas as an ellipsis to the texting shorthand many users are familiar with, it has the earmarks of a genuine wrong-number texter The message is often accompanied by or followed shortly by a selfie of the woman, adding to the believability of the Wrong-Number Scam.
How the Wrong-Number Phisher Works
Embarrassed for Mandy, the target of the scam feels accommodating and willing to encourage a conversation with this beautiful, young woman, which subsequently leads to Mandy feigning attraction for the target and sending them a link to an adult website where they can allegedly view nude pictures of Mandy, which of course requires credit card information. As the first rule of internet safety goes, the user should never click on any suspicious or unsolicited emails/links, as they could be sophisticated tools used by phishers to steal their information. What makes the scheme easy to debunk is the phisher’s sometimes obvious inattention to detail. For instance, if the target has sent Mandy a picture, Mandy might incorrectly identify eye or hair color, or incorrectly assign male or female characteristics to the target. This is because a typical phishing or financial scam involves a team of phishers, a bank of computers, and a list of phone numbers. The scammer will have multiple windows up at once, speaking to multiple targets at once through anonymous, encrypted platforms such as WhatsApp. This prevents the source from being easily traced. With so many windows open at once, the phisher may lose track of whom they are speaking and will make mistakes. Vigilance of these warning signs, and additionally poor grammar and spelling, is crucial to protecting your information from scammers.
Is this sex-trafficking?
Since the first appearance of the Wrong-Number Phisher about a month ago, rumors have arisen that Mandy’s wrong-number scam may be a way to target and kidnap individuals for purposes of sex-trafficking. These rumors began when users on Tiktok began posting screenshots of Mandy’s communication, claiming they had been targeted for sex trafficking. An anti-conspiracy educator and survivor of sex-trafficking, Jessica Dean, took to TikTok to explain why this particular kind of scam would not be ideal for sex-traffickers, “Sex traffickers aren’t really targeting complete strangers—and this would be a really stupid way to target somebody if they wanted to kidnap a complete stranger, because there would be evidence on your phone…Sex traffickers overwhelmingly target people they already know. Sometimes those are people they met online, but it’s usually a very slow grooming process—they get to know you, they get you to like them, and then they start asking you ‘certain favors.”
Should you receive a text message from a strange blonde woman who claims she’s trying to reach a missed connection, the simple answer is to ignore the text and block the number. The more you converse with the Wrong-Number Scam and the more information you provide, the more the scammer will be convinced that you are a valuable target—particularly if you are ignoring basic mistakes in grammar and spelling, or ignoring misidentification errors. Phishers and scammers know that if a target is willing to overlook mistakes like those, the more likely that target will be to part with money.