Over the past few days there has been a steep increase of reports of legitimately claimed LBC listings being hijacked in Google Maps. The reports (here, here, here & here) all follow the hijacking pattern that Locksmiths widely suffered during the second half of last year. The last of these recent reports, Hotel Hijacking Map Spam or Does Google Suck? is the most recent and happened to a friend of Marty Weintraub of AimClear.
There is a bug where Google has a problem with merging records. They often conflate two records that have similar attributes but usually these two records have the same addresses, or share a phone number and/or have similar web urls. The above examples, while possibly severe cases of merging, show all of the attributes of hijacked records. Given that Google Maps is the ultimate black box, one can only guess at the actual backend processes that occur but it shure looks similar to the mapjackings. Regardless the result to the end business is no less severe. In Marty’s case, he noted a likely 50% drop in visitation due to the problem.
The methodology in the Locksmith hijacking was for the bad guys to create a totally exact duplicate record of the real business in the LBC with but one change, the phone number. The record would be verified via the phone system and over time, this listing would be merged with the original LBC record in the cluster. Because it was more recent the LBC records it would be identified as the authoritative source by Google and the bad guys could change then change the record at will and modify URL etc.
These records when viewed in Maps are characterized by showing the wrong url, multiple phone numbers in the more info view AND multiple Provided by the business owner entries created each time the record was reclaimed via this process.
As he notes in his article there are many types of hijackings and mapspam that occur in Google’s wiki world of Maps but the one that is most disturbing to me are the ones, like the Hotel Hijacking Map Spam or Does Google Suck?, that occur to claimed records. Firstly it indicates incredibly malicious intent on the part of the folks to perpertrate the action. Secondly it indicates an incredible violation of trust on the part of Google. A local business has every reason to trust Google & needs to trust Google when they say that claimed records can not be hijacked. This trust is the lubricant of all transanctions in our commercial world and in local this goes in spades. For Google to offer up the platform where that chain of trust can be broken portends the failure of Local Search if it can not be brought under control.
It is possible that these records are just now showing the results of hijacks that occurred before Google closed the vector, they could be new hijack technique or it is possible that there is a new extreme problem of merging taking place within Google Maps. Hopefully, Google will let us know what is going on. Regardless, its impact to the affected businesses is severe.