Honey Investigation Deepens: Revealing New Browser Extension Risks for Affiliate Programs

YouTuber MegaLag's second investigative video into PayPal's Honey browser extension has expanded the scope of the scandal beyond affiliate commission theft to reveal systematic exploitation of small businesses and deliberate targeting of minors. The video released just before Christmas week as a follow-up investigation, demonstrates that the browser extension controversy represents not just isolated bad practices, but fundamental structural problems requiring operational responses from affiliate program managers.

Beyond Commission Hijacking: New Allegations Against Honey

MegaLag's second investigation reveals Honey maintained a database of 181,000 online stores as of late 2024, yet only 35,000 had active affiliate partnerships with the platform. This means 146,000 stores appeared on Honey without consent or formal agreements, undermining the premise that businesses voluntarily participated in the extension's discount code ecosystem.

The investigation details how Honey populated its database through user activity rather than merchant permission. When Honey users applied discount codes that the extension didn't recognise, it allegedly captured these codes without proper user consent, contrary to its stated policy of requesting permission before adding new codes. This mechanism allowed private codes intended for employees, refund situations, or targeted promotions to spread across Honey's entire user base.

The video mentions that small businesses that contacted Honey to remove unauthorised discount codes received unhelpful responses, with several providing email evidence that Honey would only remove them if they signed up as paying affiliate partners, suggesting that Honey created the discount leakage problem, then charged businesses to solve it.

Targeting Minor Audiences Through Gaming and Animation Content

The video highlights Honey's deliberate pursuit of creators whose audiences skew younger. MegaLag identified Honey sponsorships across Minecraft, Roblox, and cartoon-focused channels, including partnerships with creators as young as 14 years old. One sponsored video was titled “Back to School,” explicitly appealing to school-age audiences.

This targeting strategy becomes particularly concerning when combined with MegaLag's assertion that Honey functions primarily as a data harvesting operation. The $4 billion PayPal acquisition price suggests value beyond simple coupon aggregation, with the extension's access to cross-merchant browsing behaviour across millions of users representing significant data intelligence for PayPal's advertising business, which launched new products in 2025 leveraging transaction insights.

Class Action Lawsuits and Platform Policy Changes

The legal response has been swift and comprehensive. Over 20 class action lawsuits have been filed against PayPal, alleging wiretapping, computer hacking, unfair competition, consumer fraud, tortious interference, and unjust enrichment. Wendover Productions and GamersNexus are among the named plaintiffs seeking damages exceeding $5 million.

On November 7, 2025, Federal Judge Beth Labson Freeman denied PayPal's motion to force the class action into arbitration, ruling that PayPal's user agreements for individual account holders do not extend to broader business disputes about Honey's affiliate marketing practices. This decision allows the case to proceed in federal court, increasing potential exposure for PayPal.

Google responded to the initial Honey controversy by updating Chrome Web Store policies in March 2025. Extensions can now only include affiliate links if they provide clear, direct user benefits and fully disclose affiliate relationships before installation. Microsoft discontinued its coupon feature in May 2025 as similar lawsuits mounted against its Shopping extension.

Honey has already lost users since December 2024 with an estimated 30% user decline demonstrating significant consumer response to these open source revelations.

What Affiliate Program Managers Should Do

The Honey video exposes critical vulnerabilities in how affiliate programs structure attribution, vet partners, and protect revenue streams. Affiliate managers cannot assume last-click attribution accurately reflects partner contribution when browser extensions systematically override tracking mechanisms.

Audit Your Current Attribution Model

Last-click attribution remains standard across most affiliate programs, but the Honey case proves this model incentivises bad actors to intervene at checkout regardless of whether they provided genuine value. Affiliate managers should evaluate whether their attribution framework rewards actual influence or simply rewards whoever touches the customer last.

Multi-touch attribution models that credit partners across the conversion funnel provide more accurate representation of partner contribution. Everflow's Enhanced Flowchart Visualization offers visibility into pre and post-conversion click mapping, revealing all interactions before and after attribution. This level of transparency helps identify when browser extensions are hijacking commissions.

The Affiliate Source (AFSRC) parameter proposed by Pie offers a straightforward solution to attribution conflicts by creating clear rules for when affiliates should or shouldn't compete for attribution. While industry-wide adoption remains limited, forward-thinking programs can implement this standard immediately without requiring consensus from other participants.

Establish Clear Rules for Coupon and Extension Partners

Browser extensions and coupon sites serve legitimate functions within affiliate ecosystems when they operate transparently and provide genuine value. 

Programs should implement explicit policies prohibiting partners from overriding existing affiliate cookies or claiming attribution without providing demonstrable value. Partnership agreements must clearly define what constitutes acceptable behavior at checkout, with immediate termination clauses for partners found engaging in cookie stuffing or attribution hijacking.

Implement Technical Safeguards That Are Right For Your Business

Server-to-server tracking combined with first-party data strategies provides foundations for maintaining attribution accuracy despite browser limitations. As cookie-based attribution continues declining due to privacy regulations, programs need multiple attribution methods to ensure comprehensive tracking coverage.

Advanced tracking solutions now incorporate probabilistic models and AI-powered analytics to identify patterns in customer behavior that traditional tracking would miss. Zero-click search environments already challenge traditional attribution, requiring affiliate managers to develop measurement approaches beyond simple click-through rates.

Regular audits comparing affiliate-attributed sales to total program revenue can reveal discrepancies suggesting attribution manipulation. If coupon or extension partners show conversion rates dramatically higher than other partner types, this warrants investigation into whether they're capturing organic traffic that would have converted regardless.

Diversify Your Partner Mix Beyond Bottom-Funnel Players

Over-reliance on coupon and loyalty sites creates program vulnerability when those partners face regulatory scrutiny or platform policy changes. Programs built primarily around discount-driven partners struggle to demonstrate incremental value, making them targets for budget cuts when economic conditions tighten.

Content creators, influencers, and media partners that introduce customers to brands early in the purchase journey provide more defensible value propositions. These top and mid-funnel partners face less risk from browser extension interference because they engage audiences before purchase intent solidifies.

The most resilient affiliate programs maintain diverse partner portfolios spanning content publishers, comparison sites, loyalty platforms, influencers, and email marketers. This diversity distributes exposure across multiple attribution pathways, reducing dependence on any single partner type or traffic source.

Communicate Transparently With High-Value Partners

Affiliate managers should proactively communicate program policies around attribution, especially regarding how coupon and extension partners are managed. Transparency about commission structures, attribution windows, and partner segmentation strategies helps high-value partners understand they're protected from bottom-funnel poaching.

Programs that prioritise creator relationships often implement attribution protections specifically for content-driven partners. Some use separate tracking mechanisms for influencer partnerships that bypass standard affiliate networks, ensuring creators receive credit regardless of browser extension interference.

The Broader Implications for Performance Marketing

The second video represents more than isolated bad behaviour from one extension. It reveals systemic incentive misalignment in how digital commerce attributes value across the customer journey. When last-click attribution dominates, bad actors are financially rewarded for inserting themselves at checkout regardless of whether they influenced the purchase decision.

Research from Nielsen shows only 32% of marketers globally measure media spending holistically across digital and traditional channels. This measurement fragmentation creates opportunities for attribution manipulation, as most programs cannot detect when browser extensions systematically capture organic traffic.

The legal precedents established through Honey and similar lawsuits will likely force industry-wide changes in how browser extensions operate. Google's policy updates and Microsoft's coupon feature discontinuation demonstrate that major platforms recognize the need for stricter governance around affiliate attribution manipulation.

However, regulatory and policy changes move slowly. Affiliate program managers cannot wait for industry-wide standards to protect their programs. The operational adjustments outlined above can be implemented immediately without requiring external consensus.

Moving Forward: Attribution as Competitive Advantage

Programs that invest in sophisticated attribution capabilities gain competitive advantage in an environment where measurement accuracy separates successful programs from those that fail to capture their true performance. AI is reshaping how influence and attribution work in affiliate marketing, with platforms using machine learning to identify patterns in customer behaviour that traditional tracking misses.

The affiliate industry isn't disappearing—it's adapting to a landscape where influence happens earlier and in different environments than traditional models assumed. Publishers who produce genuinely authoritative content, brands that invest in comprehensive attribution, and networks that evolve measurement capabilities will thrive while programs dependent on flawed attribution models struggle.

The Honey investigation provides a stark reminder that affiliate marketing works best when built on a collaborative rather than combative approach. Programs that fairly credit partners across the customer journey create sustainable ecosystems where all participants benefit from transparent, value-driven partnerships.

_________________________________________________________________________________________