Review Bombing Attacks and Extortion
- NOVEMBER 26TH, 2025
Introduction
Malicious actors use “review-bombing”, a coordinated flood of fake one-star reviews, as an initial step for extortion. The high volume of inauthentic reviews is meant to bypass moderation and damage a business’s public rating and reputation. Scammers then contact the owner, typically via third-party apps, demanding payment. They threaten that if the fee isn’t paid, the negative reviews will remain or the attack will escalate, coercing the victim into paying. These schemes most commonly target platforms that are highly visible to potential customers, such as Google Maps and Google Business Profiles.
Recommendation on what to do
- Do not panic: Gather all available evidence and save it, such as screenshots of the one-star reviews (including reviewer profile names), screenshots of the extortion demand (messages, emails, etc.) including timestamps, and details of the third-party messaging app used by the scammers.
- Do not engage or pay them: Paying incentivizes the criminals to continue their scheme, may mark you as a target for future attacks, and does not guarantee the reviews will be removed. Do not negotiate or threaten the scammer.
- Report the incident: When you report, you will need to provide the evidence you collected.
Proactive Measures and Best Practices
Review-bombing extortion is a security incident, not a reflection of your customer service. Your primary goal at first is to report it officially, not to manage the reviews publicly.
- Public Response (After Reporting): If you feel you must respond publicly to the fake reviews, do so only after you have submitted your report and secured all evidence. Keep the response brief, professional, and factual.
- Encourage Authentic Reviews as a Long-Term Strategy: Satisfied customers often need a nudge. As part of your normal, long-term reputation management, ethically encourage happy customers to share their experiences. This helps build a foundation of genuine feedback that can make your profile more resilient.
- Submit a Formal Extortion Report: Google announced a new capability inside Google Maps. The tool allows business owners to report extortion attempts that use fabricated negative reviews.
- Flag Each Fraudulent Review: Use the “Flag as inappropriate” link on the review page. Select the reason “Spam or fake content.”
- Involve Law Enforcement: A crucial step for a business, particularly a large one, is often to report the incident to local law enforcement or a national cybercrime unit.