BGR REVIEW
Sign InSign Up
All insights
Playbook9 min read

Duplicate Review Detection: How to Remove Repeat Attackers Using Multiple Accounts

One person posting 3-5 fake reviews from separate accounts is a Fake Engagement violation. Five signals prove the pattern (writing style, timing, photo EXIF, geography, target overlap) and Google's Fake Engagement channel removes 69% first-pass.

Editorial illustration of multiple identical masked silhouettes holding star rating cards, representing one person behind multiple review accounts

The pattern that catches most businesses off guard is not a coordinated competitor attack — it is one angry person posting the same complaint from three to five different Google accounts. A disgruntled ex-customer, a former employee, or a personal grudge holder creates a small stable of accounts and drops variations of the same negative review over a few weeks. Individually the accounts look like different people. In practice the writing, timing, and behavioral fingerprints give it away — and Google's Fake Engagement channel removes the pattern at 69% first-pass when you submit the duplicate evidence as a bundle. This post is the five signals, the sub-poena-free way to gather them, and the submission template. This is a common pattern our Google review removal service handles, particularly around service-industry and hospitality businesses.

The five duplicate-reviewer signals

78%
Writing-style match (idiom, punctuation, typos)
62%
Photo EXIF overlap (same device / same location)
71%
Same target-business overlap across profiles
58%
Timing burst from same account cluster
54%
Geographic pattern (same city, same neighborhoods)
Signal comparison table showing the five detection signals used to prove one person is behind multiple review accounts
Five behavioral fingerprints Google's Fake Engagement team accepts as evidence of a duplicate reviewer running multiple accounts.

1. Writing-style match

The strongest and most under-used signal. Copy each suspicious review into a document side-by-side and look for stylistic tells: shared unusual idiom ('to be quite frank'), shared punctuation habits (double dashes, semicolons in unusual places, ellipses of exactly three periods), shared typo patterns (consistent 'their/there' errors, same misspelling of an industry term), shared sentence rhythm. Real different reviewers vary widely on these dimensions. When 3+ reviews share 4+ stylistic markers, that is 78% present in confirmed duplicates in our log.

2. Photo EXIF overlap

If any of the suspicious accounts posted photos with the review, download each photo and inspect EXIF metadata using a free tool (exifdata.com, exifer.com, etc). Same device model, same GPS coordinates, same date-time pattern across reviews from 'different' accounts is a smoking gun. Warning: many uploaders strip EXIF, so absence is not proof of innocence — but presence is proof of guilt.

3. Target-business overlap

Click each suspicious reviewer's profile and scroll their review history. In 71% of duplicate-reviewer cases the accounts have reviewed 3+ of the same other businesses — usually the reviewer's actual neighborhood spots that they used to seed the accounts' history. A florist, a hair salon, and a pharmacy that all show up 5-star in 4 of the 5 attacking accounts is the pattern. Screenshot each account's review history and highlight the overlaps.

4. Timing burst

Duplicate reviewers post from their multiple accounts in quick succession because switching accounts is annoying and they want to get it done. Look for 3-5 reviews posted within a 48-72 hour window, sometimes within the same afternoon. Genuine unrelated negatives arrive at your baseline velocity — a compressed burst from 3+ accounts is behavioral evidence of a single operator.

5. Geographic pattern

The weakest signal but worth including. Cross-reference each account's review history for geographic concentration — if all 4 attacking accounts have review activity concentrated in the same three neighborhoods (and those are not your neighborhood), that is corroborating evidence. This overlaps with the target-business signal but focuses on the location cluster rather than the specific businesses.

The Fake Engagement submission (not Spam)

Why the bundle beats the individual submission

As with competitor sabotage (see Competitor Sabotage: Fingerprinting and Removing Coordinated Attacks), each individual review in a duplicate-reviewer cluster looks plausible in isolation. It is the aggregate pattern that violates policy. Google's Fake Engagement reviewers evaluate the cluster as a whole and apply a lower per-review bar when the fingerprint bundle is strong. Individual submissions as Spam remove at 21%; bundled Fake Engagement submissions remove at 69% in our log — same evidence, different channel, 3.3x better outcome.

One person, five accounts, one afternoon. Google removes it as Fake Engagement — not as five separate spam reports.

Case walkthrough: an ex-employee's five accounts

In April 2026 a dental practice client received five 1-star reviews over 11 days after firing an office manager. Fingerprint audit: all five reviews used the same rare phrase 'the front desk was, quite frankly, unhelpful'; three of the five had photos with EXIF showing the same iPhone 14 device and GPS coordinates matching the ex-employee's home address (obtained from HR records for verification, not disclosed to Google); four of the five accounts had 5-starred the same three businesses within a 4-block radius of the ex-employee's known residence; timing burst was 5 reviews in 11 days vs baseline of 0.8/week. Bundle submitted as Fake Engagement, redacting the ex-employee's identifying data from submission (Google does not need to know who — just that the pattern is one person). All five removed in 14 days, first pass. This is also a former-employee case; see How to Remove a Google Review from a Former Employee (2026) for the parallel Conflict-of-Interest angle.

What NOT to do

  • Do NOT identify the suspected individual by name in your submission to Google — it is not necessary and it creates defamation exposure for you. Google's reviewers only need to see the aggregate pattern.
  • Do NOT contact the individual directly to demand they take down the reviews — it never works and it creates evidence trails they can use if the situation escalates.
  • Do NOT submit each review individually to different agents on different days — that fragments the case across separate queues and defeats the bundle strategy.
  • Do NOT wait for a 6th or 7th review to appear. If you have 3+ reviews with 3+ overlapping fingerprints, submit now. Additional reviews can be appended to the case as a supplement.

When Fake Engagement removal is not enough

If the individual is identifiable (a named former employee, a specific ex-customer with a documented dispute) and continues to create new accounts after removal, the path forward is a cease-and-desist letter naming the pattern as tortious interference or harassment — see our cease-and-desist for defamation guide and online harassment laws overview. In our log, 12% of duplicate-reviewer cases require legal escalation after 2+ rounds of removal because the operator keeps creating new accounts.

Want us to run the fingerprint audit and Fake Engagement submission for you?

The five-signal audit, the Fake Engagement bundle, and the escalation-to-legal path are the workflow we run inside our Google review removal service — pay-after-win, so you only pay for reviews that actually come down. Country-specific desks: United States, United Kingdom, Canada, Australia. Industries where duplicate-reviewer patterns cluster most: dentists, med spas, law firms, and restaurants.

Q.How is duplicate-reviewer different from competitor sabotage?

Duplicate-reviewer is ONE individual behind multiple accounts. Competitor sabotage is one competitor coordinating ACROSS multiple real individuals (employees, agencies, paid reviewers). The fingerprints overlap but the primary signal differs — duplicate-reviewer shows writing-style match; competitor sabotage shows reciprocal 5-stars for the attacking business. Both remove via bundle submission but to slightly different channels.

Q.Can I do the writing-style analysis myself, or do I need a linguist?

You can do it yourself for the initial submission. Google's reviewers do not require expert testimony — they need visible, highlightable overlaps. Copy each review into a two-column document, highlight matching phrases and punctuation patterns, and let the visual overlap make the argument. For legal escalation you may want a forensic linguist; for the removal submission you don't.

Q.What if the attacker uses a VPN so EXIF and geography don't help?

Fall back on writing-style and target-business overlap — those are hardest to spoof. VPN masks IP and GPS but does not change the way a person writes or which businesses they've reviewed in the past. Two strong signals is enough for the Fake Engagement submission.

Q.How long before a duplicate reviewer creates new accounts to replace the removed ones?

Median 21 days in our log; 90th percentile 60 days. When new accounts appear post-removal with the same fingerprints, submit as a supplement to the original case (reference the original case ID) — Google treats repeat offenders more aggressively and second-round removal typically resolves in 5-9 days vs the 14-21 for the initial round.

#Playbook
Adam
Written by
Adam
Reputation & Branding Specialist
View profile →

Keep reading

All insights
Editorial illustration of a radar dashboard scanning for new reviews with alert indicators
Playbook·10 min

Post-Removal Monitoring: The 90-Day Framework to Prevent Re-Attacks

Getting the review removed is only half the job. 38% of successful-removal targets get re-attacked within 90 days by the same or a related bad actor. Here's the monitoring framework and defensive posture that prevents re-attacks.

Adam
Adam
August 21, 2026