PayPal Honey Alleged Scam: How a Browser Extension Reportedly Diverts Millions from Creators and Businesses
We analyzed Honey's publicly accessible database of 173.9K stores — data that Honey exposes through their browser extension. The data reveals what appears to be systematic affiliate fraud, with 84.4% of stores reportedly added without consent and evidence suggesting widespread commission diversion.
Partnership Distribution
What is PayPal Honey?
PayPal Honey is a browser extension that claims to automatically find and apply coupon codes at checkout. With over 17 million users and acquired by PayPal for $4 billion in 2020, it has become one of the most widely-used shopping tools on the internet. But beneath the surface of this "free money-saving tool" lies what critics allege is a sophisticated scheme that has been systematically diverting affiliate commissions from content creators and exploiting online businesses, including thousands of Shopify stores and ecommerce merchants across all major platforms.
The extension is promoted by thousands of YouTubers, podcasters, and influencers who earn affiliate commissions when their audiences install Honey. What these creators may not realize is that Honey allegedly diverts commissions from them through a practice known as affiliate hijacking or cookie stuffing.
This ecommerce industry investigation, based on Honey's publicly available store data obtained from their extension and shared by independent researchers, reveals the true scale of their operation and exposes how they profit at the expense of creators, online businesses, and consumers alike. Our store analytics reveal patterns that every ecommerce entrepreneur and online store owner should understand.
How the Alleged Scam Works
The alleged Honey scam operates through a mechanism called "last-click attribution" hijacking. Here's how it reportedly works:
The Alleged Commission Diversion Process
- 1User clicks affiliate link:
A viewer clicks a creator's affiliate link (e.g., from a YouTube video), which places an affiliate tracking cookie on their browser.
- 2User browses and adds to cart:
The user shops on the website and adds items to their cart. The creator's affiliate cookie is still active.
- 3Honey activates at checkout:
At checkout, Honey automatically pops up and "searches for codes" — even if there are no valid codes available.
- 4Cookie is replaced:
During this process, Honey replaces the creator's affiliate cookie with its own, claiming the "last click" attribution.
- 5Honey allegedly receives the commission:
When the user completes the purchase, Honey reportedly receives the affiliate commission instead of the creator who actually drove the sale.
"Honey reportedly takes a 97.5% cut of affiliate commissions, passing only 2.5% back to users as 'Honey Gold' rewards. This means when Honey allegedly diverts a $10 commission from a creator, users get roughly $0.25 in rewards."
About This Dataset: Honey's Publicly Available Store Data
The dataset presented in this investigation was obtained through publicly accessible endpoints that Honey exposes for their browser extension to function. When you install the Honey extension, it needs to know which stores it supports, what coupon codes are available, and which stores have affiliate partnerships. This information is fetched from Honey's servers in real-time.
This publicly accessible data was compiled into a comprehensive dataset of 173.9K stores. This market research dataset represents Honey's complete store directory and includes valuable store insights and ecommerce analytics into their business practices — essential intelligence for competitor analysis and understanding affiliate marketing dynamics.
What the Dataset Contains
Data Analysis: 173.9K Stores Exposed
Our data analysis reveals disturbing patterns in how Honey operates. The most striking finding from our ecommerce research is that 84.4% of stores (146.7K out of 173.9K) have no affiliate partnership with Honey. This means these online stores were added to Honey's database without their knowledge or consent, and their coupon codes are being collected and distributed without permission — affecting store performance and revenue tracking across the industry.
Stores by Country
Top Affiliate Networks
Top Stores by Monthly Shoppers
| Store | Country | Shoppers | Status |
|---|---|---|---|
Microsoft https://www.microsoft.com | 🇺🇸 US | 7.0M | No Consent |
ChatGPT https://chatgpt.com | 🇺🇸 US | 6.2M | No Consent |
Apple https://www.apple.com | 🇺🇸 US | 4.4M | Partner |
Netflix https://www.netflix.com | 🇺🇸 US | 3.8M | No Consent |
Walmart https://www.walmart.com/shop/deals | 🇺🇸 US | 2.9M | No Consent |
Canva https://www.canva.com | 🇦🇺 AU | 2.7M | No Consent |
Target https://www.target.com | 🇺🇸 US | 2.0M | No Consent |
USPS https://www.usps.com | 🇺🇸 US | 1.7M | No Consent |
Best Buy https://www.bestbuy.com | 🇺🇸 US | 1.6M | No Consent |
Disney+ https://www.disneyplus.com | 🇺🇸 US | 1.5M | No Consent |
Who Gets Hurt by Honey?
Content Creators and Influencers
Content creators are perhaps the biggest victims of Honey's scheme. When they promote products with affiliate links, Honey users who watch their content and later make purchases will have their commissions stolen. The cruel irony is that many creators actively promoted Honey, unknowingly encouraging their audiences to install software that would steal from them.
Small and Medium Ecommerce Businesses
Our store analytics show that 146.7K online stores are in Honey's database without any affiliate partnership. These ecommerce businesses — including Shopify stores, WooCommerce merchants, and independent retailers — have their private coupon codes harvested, shared publicly, and used without permission. Employee discount codes, VIP customer codes, and influencer-specific codes all end up in Honey's system, devastating their marketing ROI and promotional strategies.
Consumers and Online Shoppers
While Honey positions itself as a money-saving tool, consumers are hurt in several ways: privacy invasion through traffic tracking across 173.9K stores, inferior codes compared to what's actually available, and unknowingly participating in alleged commission diversion from creators they follow. The shopping data collected enables unprecedented consumer behavior analysis and targeted advertising.
Affected Creators: Documented Case Studies
While Honey has affected hundreds of thousands of content creators, several high-profile cases have been documented through investigations by researchers like MegaLag. These case studies reveal the systematic nature of Honey's affiliate hijacking and the significant financial impact on creators of all sizes.
Linus Tech Tips
19M+ subscribers • Tech reviews & tutorials
What happened: Linus Media Group promoted Honey since 2017, reportedly unaware that Honey was overriding their own affiliate links. It took several years for them to discover the alleged diversion.
Discovery: In 2020, a forum user first raised concerns, but it was ignored. In 2022, an LMG employee confirmed: "If someone clicked on an affiliate link and then they used Honey and searched for a deal, Honey will override that tracking link even if they don't find you a deal. That didn't jive with us, so we ended the partnership."
Significance: If a tech-savvy team with extensive affiliate marketing experience took years to catch on, imagine how many smaller creators are still being robbed without knowing.
Estimated Impact: With millions of viewers using their affiliate links for tech purchases (average order $200-500), LTT likely lost hundreds of thousands of dollars during their Honey partnership years.
MrBeast
340M+ subscribers • Honey's #1 sponsor
Scale of Promotion: MrBeast's Honey sponsorships garnered a staggering 3+ billion views, representing over one-third of Honey's total YouTube sponsored views. Honey's former president proudly stated: "Every kid in America knows what Honey is."
The Irony: While MrBeast earned millions from sponsorship fees, his audience's subsequent purchases through his OTHER affiliate links (merchandise stores, partner products) were systematically hijacked by the very extension he promoted.
Audience Demographics: MrBeast's audience skews heavily toward minors (13-17 age group), raising additional concerns about Honey's data collection from children who installed the extension.
Key Quote from Honey's President: "Every kid in America was telling their moms and dads they needed to download Honey in order to save money." — Joanne Bradford, Former Honey President
MegaLag's Commission Test
Investigative journalist • Documented proof
The Experiment: MegaLag set up his own NordVPN affiliate account (40% commission rate) and made two identical purchases — one with Honey Gold activated, one without.
What Honey Gave Back: After allegedly taking the $35 commission, Honey rewarded the "consumer" (in this case, MegaLag himself) with 89 Honey Gold points = $0.89. That's a 97.5% profit margin for doing absolutely nothing.
The Math: Honey stole $35.00, gave back $0.89 (2.5%), and pocketed $34.11 (97.5%) — for a transaction they had zero role in generating.
Other Notable Affected Creators
19M subs • Tech reviews with high-value affiliate links
Was 14 years old when sponsored • Back-to-school content
Primarily child audiences • Honey's target demographic
Lead plaintiff in class action lawsuit against PayPal
These documented cases represent just the tip of the iceberg. With over 17 million Honey users and hundreds of thousands of affiliate marketers, the total number of affected creators likely numbers in the hundreds of thousands, with collective losses potentially reaching hundreds of millions of dollars.
Estimated Industry-Wide Creator Losses
Using data from this Honey database and industry affiliate marketing statistics, we can estimate the potential scale of alleged commission diversion affecting content creators worldwide.
📊 Creator Loss Estimation Model
Data Points from Our Research
Estimated Creator Losses
Calculation Methodology
Our estimation uses the following conservative assumptions based on industry data:
- ~8% of online shoppers have Honey or similar extensions installed
- Average order value across affiliate purchases: $75-150
- Average affiliate commission rate: 8-12%
- Honey intercepts ~70-90% of transactions where present at checkout
- Based on 283.8M monthly Honey shoppers across 173.9K stores
Losses by Creator Category
Tech & Gaming
High-value products, long purchase cycles
PC parts, peripherals, software
Fashion & Beauty
High volume, frequent purchases
Clothing, cosmetics, accessories
Lifestyle & Misc
Broad category with diverse products
Home goods, fitness, food
These figures are conservative estimates based on publicly available data from Honey's extension. The actual losses could be significantly higher when accounting for all affiliate networks, smaller creators, and the compounding effect of lost repeat customers who now use Honey for all purchases.
Commission Loss Calculator
Are you a content creator, blogger, or affiliate marketer? Use our calculator below to estimate how much money you may be losing due to Honey's practices. This tool uses industry averages and data from our investigation to provide a realistic estimate of your potential losses.
Commission Loss Calculator
Estimate how much you may be losing due to Honey
Total monthly sales from affiliate links
Average purchase amount
Typical: 5-15% for most programs
Industry estimate: 5-12% of users
💡 What Can You Do?
- Warn your audience about Honey's practices and recommend uninstalling
- Use affiliate networks with "standdown" rules that protect against cookie hijacking
- Consider joining the class action lawsuits against PayPal
- Implement coupon code protection on your own store if applicable
- Document your losses for potential legal claims
Honey's Harvested Coupon Codes and User-Generated Content
One of the most troubling aspects of Honey's operation is how they collect coupon codes. Our investigation found 1.7K stores with "user-generated" coupon codes in Honey's database. These are codes that Honey's users have submitted or that have been harvested from across the internet.
This includes private employee discount codes, influencer-specific codes designed to track which creator drove sales, limited-time promotional codes, and VIP customer codes meant for loyal customers only. When these codes are collected and shared through Honey, it undermines businesses' ability to run targeted promotions, track marketing effectiveness, and maintain accurate revenue analytics for their online stores.
How Honey Allegedly Harvests Private Codes
When a Honey user types a coupon code at checkout, Honey immediately sends that code to their servers — before asking for consent. Analysis of Honey's source code (leaked from their iOS app) confirmed this behavior.
Even if the user clicks "Don't Share," Honey has already captured the code. Their privacy policy explicitly states they collect "coupons, promo codes, and deals you found," allowing them to take this data regardless of user preference.
Small Business Extortion: Pay Up or Suffer
Perhaps the most disturbing aspect of Honey's business model is what happens when businesses discover their private codes have been leaked. When store owners contact Honey demanding to be removed from the platform, they're met with a calculated response: "Partner with us, and you'll have control over your codes."
This practice, which many business owners describe as "extortion," was exposed through email exchanges between Honey and Chip Malt, CEO of Maiden Cookware. When Chip discovered Honey had leaked a private friends-and-family discount code, he demanded removal from the platform.
Email Exchange: Maiden Cookware vs. Honey
Chip (CEO, Maiden Cookware):
"Please remove us from your app. You've scraped a private friends and family code from our checkout and put it on the platform for others to use. We've lost a bunch of revenue."
Honey's Response (4 days later):
"In order to protect the Honey experience for our users, we typically do not remove codes unless we have a working relationship. We'd love to discuss how we can work more closely and partner with your brand."
Chip:
"We don't offer affiliate deals to coupon sites. We'd like to be removed from your site and extension completely."
Honey's Response (months later, after repeated leaks):
"We proudly host a consistent shopping experience for all Honey shoppers. Therefore, we cannot disable Honey for individual stores and never have."
This was proven to be a lie. Another business owner, Andrew from Target Texture Supply, shared his email exchanges with the same Honey employee, who successfully had his store removed from the platform — just one month before telling Chip it was "impossible."
"Nine times out of 10, the response is: join our affiliate program and you'll have more granular control. Merchants feel like they're being blackmailed or extorted." — Marketing industry expert on Honey's practices
The pattern is clear: Honey deliberately added 146.7K online stores to their platform without consent, creating problems for those ecommerce businesses, then leveraging those problems to force paid partnerships. It's a textbook protection racket operating at scale across the entire online retail industry.
Data Collection: 2,500 Pages of Your Shopping History
While Honey marketed itself as "actually free, not like selling all your personal data free," the reality is far more invasive. A German nonprofit called DateRequests.org submitted GDPR right-of-access requests to Honey, and the results were shocking.
What Honey Collected (From Just One User)
of web activity in just 3 months
on any store Honey "supports"
of every browsing session
device IDs, OS information
From just 27 page views, investigators could determine: what products the user viewed, their order IDs, disputed orders, family subscription plans, travel plans (including Airbnb dates and locations), streaming habits, and even redeemed game serial codes. This wasn't metadata — Honey was capturing full URLs that revealed intimate details of users' lives.
The Honey "Privacy" Contradiction
Honey's website promised users: "We never sell or share your data." But to their merchant partners, Honey employees bragged: "We have all sorts of tools... we're really kind of following the shopper where they go and we're with them every step of the way."
This data collection wasn't a recent development after PayPal's acquisition. A 2015 Honey pitch deck to investors explicitly listed "user behavioral data, stores visited, products viewed, and purchase history" as core components of their business strategy, calling it their "unfair advantage."
In 2024, PayPal announced it would launch an ad network leveraging data from its 400 million users — including Honey users. Your shopping history is now directly feeding PayPal's advertising machine.
Targeting Minors: The MrBeast Connection
Honey's privacy policy explicitly states: "We created Honey for the exclusive use of adults 18 and older, and we don't knowingly collect or solicit personal information from children." Yet their marketing strategy tells a completely different story.
MrBeast, one of the most popular YouTubers in the world, became Honey's biggest sponsor. His Honey-sponsored videos garnered over 3 billion views, representing more than one-third of Honey's total sponsored views on YouTube. The problem? MrBeast's audience skews heavily toward children and teenagers.
MrBeast's Honey Ad Script
"I have a challenge for all of you. Go to every computer in your house — your mom's, your dad's, your sister's, your brother's computer — and install Honey."
This ad directly encouraged children to install data-tracking software on every device in their household, including computers belonging to other family members.
But MrBeast wasn't the only child-focused channel Honey sponsored. They paid for sponsorships on:
- Minecraft channels — games predominantly played by children
- Roblox channels — platform with a median user age of under 13
- Cartoon and animation channels — clearly targeting young audiences
- A 14-year-old influencer — Desiree Machado, whose "Back to School" video was Honey-sponsored
Many jurisdictions have strict regulations around collecting personal data from minors, often requiring parental consent. By claiming their service is "for adults 18 and older" while actively marketing to children, Honey may have violated data protection laws in numerous countries.
Legal Consequences: 20+ Class Action Lawsuits
Following the MegaLag investigation, PayPal and Honey have been hit with a wave of legal action. As of December 2024, over 20 class action lawsuits have been filed against PayPal, accusing them of:
⚖️ Wiretapping
Illegally intercepting and recording user communications and browsing activity
💻 Computer Hacking
Unauthorized access to and modification of browser data and cookies
🏪 Unfair Competition
Allegedly diverting affiliate commissions from legitimate marketers and creators
🎭 Potential Consumer Deception
Alleged misrepresentation of the service's benefits and data practices
🤝 Tortious Interference
Deliberately disrupting business relationships between creators and merchants
💰 Unjust Enrichment
Profiting from commissions that rightfully belonged to others
Gamers Nexus, a prominent tech YouTube channel, is serving as lead plaintiff in one of the class action lawsuits. The investigation also triggered lawsuits against other companies using similar practices, including Microsoft, Capital One, Klarna, Rakuten, and RetailMeNot.
PayPal's Response: Cease and Desist
Rather than address the allegations, PayPal's legal team sent cease and desist letters to MegaLag and attempted to have his videos removed from Patreon under copyright claims. The videos remained up, and the investigation continued.
Google has also responded by updating their Chrome extension policies, implementing changes that block extensions like Honey from claiming undeserved affiliate commissions. Since the investigation, Honey has lost over 6 million users.
The $4 Billion Question: Why Did PayPal Pay So Much?
In 2019, PayPal acquired Honey for $4 billion. To put this in perspective: YouTube was acquired for $1.65 billion, Instagram for $1 billion, and Twitch for $970 million. Combined, these three platforms cost less than what PayPal paid for a coupon browser extension.
The answer lies not in Honey's ability to save users money, but in its data collection capabilities. Honey provided PayPal with something invaluable: a window into consumer shopping behavior across the entire internet.
What PayPal Really Bought
17 Million Active Users
Each one tracked across every online store they visit
Complete Shopping Journeys
What users browse, compare, abandon, and purchase
"Cross-Shopping" Intelligence
Which competitors users compare before buying
Price Sensitivity Data
"How much they are willing to pay" — from Honey's own pitch deck
"Honey's unique data allows us to predict what each user is about to buy, when they intend to purchase, and how much they are willing to pay." — Honey's 2015 investor pitch deck
Former Honey executives openly discussed using this data to help merchants understand their customers' "cross-shopping" behavior — tracking how many other stores a user visits before making a purchase decision. This retail analytics and consumer intelligence is extraordinarily valuable for targeted advertising, pricing strategies, and competitor analysis in the ecommerce industry.
In 2024, PayPal announced the launch of its own ad network, leveraging data from its 400 million users — including Honey data. The "free" coupon extension was never the product. You were the product.
Explore the Full Dataset: 173.9K Stores
We're making our complete ecommerce research dataset of 173.9K stores available for public access. Use the interactive analytics table below to search for any online store, sort by different criteria, and explore the full scope of Honey's operation. This business intelligence resource is invaluable for store owners, dropshipping entrepreneurs, and affiliate marketers conducting competitor analysis or market research.
Complete Store Database
173.9K stores available to explore
Loading stores...
What You Can Do
For Content Creators
- Stop promoting Honey — you may be hurting your own income
- Warn your audience about how Honey allegedly diverts affiliate commissions
- Use affiliate networks that have protections against cookie stuffing
- Consider legal action if you have evidence of significant lost commissions
For Ecommerce Business Owners
- Search the store database above to see if your Shopify store or online business is listed without consent
- File a GDPR request to access and delete your data from Honey's systems
- Implement coupon protection services that block unauthorized codes and protect your revenue
- Use unique, one-time codes for influencer partnerships to track marketing performance accurately
- Monitor your store analytics for unexpected traffic patterns that may indicate coupon leakage
For Consumers
- Uninstall Honey — the "savings" aren't worth the privacy invasion
- Use creator affiliate links to support the people whose content you enjoy
- Be aware that using unauthorized coupon codes may hurt businesses you like
References & Sources
This investigation builds upon the groundbreaking work of independent journalists and researchers who first exposed Honey's practices. We encourage you to watch these video investigations for a deeper understanding of the scam:
Exposing the Honey Influencer Scam
MegaLag • Part 1 • 18M+ views • Dec 2024
The original investigation that started it all. Examines how Honey allegedly diverts affiliate commissions from creators.
Exposing Honey's Evil Business Model
MegaLag • Part 2 • 1.2M+ views • Dec 2025
Follow-up investigation revealing how Honey exploited small businesses, tracked user data, and targeted minors.
The Honey Situation Keeps Getting Worse...
SomeOrdinaryGamers (Mutahar) • 191K+ views • Dec 2025
Analysis of the user data collection practices and why browser extensions shouldn't have this much access.
