A Narrow Escape: Twitter User Narrates His Brush with a Google Maps Scam
A Twitter user, Shmuli Evers (@Shmuli), a couple of days ago shared his close call with a scam after his Delta flight was canceled. He turned to Google to find a contact number for Delta Airlines at JFK Airport, but little did he know he was about to step into a scammer’s trap.
Before the story begins, we should explain how scammers can leverage Google Maps. Scammers have found crafty ways to exploit Google Maps to deceive unsuspecting victims.
In an elaborate scheme, fraudsters may create entirely new listings with fake reviews to lend an air of authenticity. They may simultaneously spam the reviews section of the actual business listing, prompting Google to delete them. This way, the fake listing appears more credible, and potential victims are more likely to interact with it, falling into the scammer’s trap.
In addition, they can create listings in multiple places. This can lead to the manipulation of Google Search results. If location services are used while searching, the business listing scammers created can appear in the results.
The thread can be found here.
Shmuli Evers dialed the number he found on Google, believing he was contacting Delta’s customer service. However, the call was returned from a French number, which he pointed out as a red flag, and the person on the other end had a strong Indian accent. He continued the conversation, hoping to secure a new flight.
The scammer could pull up Evers’ trip information using his confirmation number and name. He then suggested an alternative flight from Newark and asked for confirmation via SMS. Still under the impression that he was dealing with Delta, Evers agreed.
The scammer then asked Evers to call him back, stating that he needed to cancel the original reservation and that Evers would have to pay for the new one. This was the final red flag that made him realize he was dealing with a scammer.
The scammer persisted, even after being called out, trying to convince Evers to pay five times the original ticket cost. Evers, now aware of the scam, refused.
But the story doesn’t end there. Evers put in his effort and discovered this wasn’t an isolated incident. He found six other airlines listed on Google with incorrect numbers, potentially leading other unsuspecting passengers into similar scams. The airlines affected included American Airlines, Air France, Qantas Airways, ITA Airways, and Turkish Airlines, all listed at JFK Airport, and Southwest Airlines at Laguardia Airports.
Evers also pointed out that even after Delta changed its number on Google Maps, Google Search still had the number wrong for Delta. He also criticized the airline’s website and app for not making their contact information easily accessible. This criticism may be directed towards other airlines which has the same attitude on accessibility. This could lead more people to rely on Google for contact numbers.
Evers ended his Twitter thread by sharing a YouTube video, highlighting that these types of scams have been going on for years. He also tagged @bryanthemapsguy, the speaker on the video, pointing out that the vulnerability in Google Maps discovered a decade ago is still active and affecting customers trying to reach airlines.
This story serves as a reminder to always verify contact information from official sources and to be cautious when dealing with customer service over the phone. Scammers are always looking for opportunities, and it’s up to us to stay one step ahead.
Written by Vedat Gündoğdu (SOCRadar’s Cybersecurity Researcher)
