The Maharashtra cyber police department has uncovered a new kind of online scam which involves duping people into revealing their confidential banking details by exploiting a Google Maps loophole. Scammers are using the Google Maps feature that lets users edit contact information for places to to change numbers related to bank branches which Google shows as search result. Removing the official numbers, users are duped into calling fake numbers and are being defrauded thus.

As per Google’s User Generated Content policy, any person can edit the address and contact information of a place listed on Google Maps. This freedom is being exploited by cybercriminals to dupe unsuspecting users.

The swindlers pose as the representatives or employees of a bank when a customer calls the fake number listed on Google Maps and then trick these users into giving up sensitive information such as ATM PINs, or CVV numbers of their debit or credit cards. The criminals use these details to withdraw money or make online purchases from the victim’s account.

“We have received at least three complaints from the Bank of India (BoI) over the last one month. In all three instances, we immediately notified the authorities at Google”, Balsing Rajput from the state cyber police was quoted as saying by The Hindu

Bank of India has since changed the address and contact details of the multiple branches listed on Google Maps and has advised customers to only call on numbers listed on the bank’s official website and documents.

“Overall, allowing users to suggest edits provides comprehensive and up-to-date info, but we recognize there may be occasional inaccuracies or bad edits suggested by them. When this happens, we do our best to address the issue as quickly as possible”, a Google spokesperson is quoted as saying by The Hindu.