Bad actors are increasingly turning to review-bombing tactics as a weapon for extortion, leaving legitimate business owners in a precarious position.
Rather than compete fairly, scammers now orchestrate coordinated attacks using fake one-star reviews before making direct contact with business owners through third-party messaging platforms, demanding payment to halt the digital assault on their reputation.
Google Maps has taken a significant step to combat this growing threat by introducing a dedicated reporting mechanism that allows merchants to directly flag extortion attempts, enabling the platform to take swift action against malicious actors.
How Review Extortion Schemes Work
The review extortion racket operates in two distinct phases. First, bad actors execute what’s known as review-bombing, flooding a business’s Google Maps profile with inauthentic negative reviews designed to circumvent moderation systems.
This initial barrage of one-star ratings tanks the business’s overall rating and visibility within the platform.
Once the damage becomes apparent, the scammers make their move, contacting business owners through encrypted messaging apps or email to issue their ultimatum: pay the demanded fee or watch the negative reviews continue and intensify.
The threat itself represents a form of blackmail, exploiting the genuine fear that reputational damage poses to small businesses and service providers who depend heavily on customer reviews for growth and credibility.
Recognizing the severity of this emerging scam vector, Google has expanded its defenses against fake engagement and harassment on Maps.
The company already maintains strict policies prohibiting fake engagement, extortion, and other harmful content on the platform.
However, detection systems alone cannot address every threat, particularly when business owners need a direct channel to report ongoing extortion attempts.
The new reporting feature closes this gap by giving merchants a formal, official pathway to notify Google directly about extortion demands.
This streamlined process enables Google’s team to investigate claims more efficiently and remove malicious content faster while also building evidence patterns that help identify organized extortion rings.
Google strongly advises business owners never to engage with extortionists or pay any demanded ransom.
Capitulation only encourages further attacks and signals to scammers that the business is a viable target for repeated exploitation.
Instead, business owners should immediately report the malicious activity through the official merchant extortion report form available within their Google Business Profile settings.
Preserving evidence is equally critical; screenshots of chat logs, emails, and transaction records all provide documentation that strengthens reports to Google and assists law enforcement investigations into organized extortion networks.
By reporting through official channels rather than attempting to resolve matters privately, business owners contribute to a larger collective effort to dismantle these scam operations at scale.
Cyber Awareness Month Offer: Upskill With 100+ Premium Cybersecurity Courses From EHA's Diamond Membership: Join Today
%20(1).webp?resize=1068,580&ssl=1&description=Google Maps has taken a step to combat this growing threat by introducing a dedicated reporting mechanism that allows merchants){kind=link}