Can an attacker use the Google Maps quota of another site?

From what I understand (given this previous question and the Google Maps API documents), it seems that an attacker could use up another site's quota.

For example, let's say I launch the Find a Taxi web application, and the participant launches Find Ride. In my web application's JavaScript code, I include the Google Maps v3 API key. The developer of "Find Ride" starts a PhantomJS process, which spoofs the referrer header (like http://findtaxi.com/) and uploads 25,000 maps a day to its servers (the quota limit is ending). Please note that even taking into account the rate limit per client IP address, 1 request/second/user, the quota can be reached from one client within one day (86,400 seconds per day).

I created a simple PhantomJS script to simulate this (with the API key restricting the referrer to example.com/*), so this attack seems to be doable. Is Google relying on non-technical reasons to prevent this? For example, I can see legal problems (a threat to the business if this attack were leaked) and economic problems (the cost of launching an attack server).

I guess I am asking this question in case I missed the technical reason why this attack is impossible.

+3
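The quota concern raised in the question can be watched for from the site owner's side. The following is an added example, not part of the original question or answers: it compares first-party page views that embed the map with the daily usage reported for the key and flags days with a large unexplained gap. The log format, paths, dates and usage figures are constructed, and it assumes one map load per page view and matching day boundaries.

```javascript
const DAILY_QUOTA = 25000;   // daily map-load quota quoted in the question
const PER_CLIENT_RATE = 1;   // requests/second/client quoted in the question

// Constructed first-party access log (hypothetical format: "<ISO time> <client IP> <path>").
const ACCESS_LOG = [
  '2013-05-01T09:00:01Z 192.0.2.10 /find',
  '2013-05-01T09:00:07Z 192.0.2.11 /about',
  '2013-05-01T12:30:00Z 192.0.2.12 /find',
  '2013-05-02T08:15:42Z 192.0.2.10 /find',
  '2013-05-02T08:16:02Z 198.51.100.7 /find',
  'malformed line',
];

// Constructed per-day load counts, as copied by hand from the provider's usage report.
const REPORTED_USAGE = { '2013-05-01': 2, '2013-05-02': 24990 };

// Count page views of map-embedding paths per UTC day; lines that do not parse are skipped.
function countFirstPartyLoads(lines, mapPaths) {
  const perDay = {};
  for (const line of lines) {
    const m = /^(\d{4}-\d{2}-\d{2})T\S+ (\S+) (\/\S*)$/.exec(line);
    if (!m || !mapPaths.includes(m[3])) continue;
    perDay[m[1]] = (perDay[m[1]] || 0) + 1;
  }
  return perDay;
}

// Flag days where reported usage exceeds first-party loads by more than `tolerance` of the quota.
function reconcile(lines, reported, mapPaths, tolerance = 0.1) {
  const own = countFirstPartyLoads(lines, mapPaths);
  return Object.keys(reported).sort().map((day) => {
    const firstParty = own[day] || 0;
    const unexplained = Math.max(0, reported[day] - firstParty);
    return {
      day, firstParty, reported: reported[day], unexplained,
      quotaUsed: reported[day] / DAILY_QUOTA,
      // Lower bound on how long one rate-limited client needs to produce the gap.
      minClientHours: unexplained / PER_CLIENT_RATE / 3600,
      suspicious: unexplained > tolerance * DAILY_QUOTA,
    };
  });
}

console.log(reconcile(ACCESS_LOG, REPORTED_USAGE, ['/find']));
```

A flagged day means loads were billed to the key that the site's own pages did not generate, which is the signal to rotate the key or review its restrictions.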
3 answers

Google Geo 2013 , . Google Maps API window.location , HTTP_REFERER. , , HTTP_REFERER : -, .

, . JS window.location (, Chromium, PhantomJS, Rhino ..).

, , . , , Google API , , API , API .

+2

, , Google API.

, www.example.com.

. , , . , API, ... .

:

0

, web- quotaService.recordEvent , HTTP- ...

Google QuotaService.RecordEvent

, - ?

0
