Cyber-security researchers on Tuesday red-flagged domains and botnets that have access to the private shopping data of close to 10 crore Indians, allegedly impacting brands like Amazon India, ICICI Bank, Policy Bazaar, Bajaj Finserv via a massive advertising fraud. Gurugram-based cyber security and digital AD threat intelligence platform Com Olho claimed that government entities like the State Bank of India, ITR Forms & Verifications, Indian Railways, Bank of Maharashtra and GST etc. are also targeted to drive traffic to "websites that are running Google or other forms of advertisements on their platforms, instead of redirecting them to legitimate information".

The domains mailindiaa.com and connectinboxx.com were identified to be the platforms that are registered on private proxies, which masks their digital identities. "These platforms use email servers and automations which targets Indian consumers to serve the ads. The technique of masking also suggests possible tax evasion by the real owners of the platform," the company said in a statement. The companies and Indian entities allegedly affected were yet to comment on report.