Scamsters seem to have stumbled upon a gold mine in the form of a loophole in the Google Maps interface. Taking advantage of the fact that on Google Maps, an establishment’s contact details can be edited by anyone, a group of Thane-based con artists have been putting up their own contact numbers and getting customers who call them into revealing sensitive account details.
According to the Maharashtra cyber police, the trend began over a month ago. Police officers said that if one searches for a particular branch of a bank on Google, the results include the Google Maps page. But the contact information on the page, such as the address and phone number, can be edited by anyone as part of Google's User Generated Content policy.
“We have received at least three complaints from the Bank of India (BoI) over the last one month. In all three instances, we immediately notified the authorities at Google,” Superintendent of Police Balsing Rajput of the State cyber police said.
Mr. Rajput said many customers search online for their bank’s contact details, and after getting the incorrect number, call it with their queries. Unknown to them, they are actually speaking to a scamster who, under some pretext, convinces them to reveal details such as their Personal Identification Numbers (PIN) or the CVV numbers of their debit and credit cards, enabling the scamsters to withdraw money from their accounts.
A BoI spokesperson said, “After these incidents came to our notice, we modified the contact details on these branch listings on Google Maps. We asked users to use only Bank of India’s official website to search for branch contact details.”
When contacted, a Google spokesperson said, “Overall, allowing users to suggest edits provides comprehensive and up-to-date info, but we recognise there may be occasional inaccuracies or bad edits suggested by them. When this happens, we do our best to address the issue as quickly as possible. The Google Safety Center outlines tips to help consumers stay safe online.”