As reported on The Verge.
By Josh Lowensohn
After failing to get Google’s attention about alleged security weaknesses on location listings added to Google Maps, an engineer created his own fake listings on the service that recorded calls made to the FBI and Secret Service. Bryan Seely, a former Microsoft and Avanade employee, set up listings to both government offices using a combination of Google’s Map Maker and Google Places, then used call recording software to tape calls made to the real offices, which the numbers forwarded to without the caller knowing.
The ruse, which Seely detailed to Valleywag, lasted just four days, but managed to get the attention of the Secret Service, which eventually thanked him for it. Google declined to comment on the issue, but said it regularly removes any listings that violate its policies:
We work hard to remove listings that are reported to violate our policies as quickly as possible, and to check bad actors that try to game the system by altering business descriptions once they are live on Google Maps. We encourage users to let us know when they see something that might violate our guidelines by using our “Report a Problem” tool, found at the bottom right corner of the map. Everyday there are thousands of great edits that get made to Google Maps through Map Maker.
The incident is the second in recent weeks to poke at the security of Google’s online business listings, which the company opens up for public updates, as well as polices. Last month, Search Engine Land detailed a widespread effort to hijack hotel listings, a plot that targeted Google+ pages, which in turn fed into Google Maps and Google Search. While that plan aimed to bolster online travel bookings for a particular target site, Seely said his plan was purely cautionary. “Who is gonna think twice about what Google publishes on their maps?” he said. “Everyone trusts Google implicitly and it’s completely unwarranted and it’s completely unsafe.”