A new video from the YouTuber MegaLag has accused PayPal’s Honey app of exploiting businesses and targeting minors. It follows on from a previous MegaLag video which nuked Honey’s popularity and led to several lawsuits against the company.
Bitter Honey
Honey is a browser extension which finds discount codes for online stores. MegaLag first exposed Honey back in 2024.
MegaLag highlights in his latest video that his first investigation led to Google Chrome cracking down on extensions, as Mashable reported in March:
MegaLag’s video also highlighted that Honey inserted its affiliate link even if it had not discovered a relevant active coupon code. In addition, Honey would also replace an existing affiliate link, or where the shopper’s purchase actually originated from, with its own in order to be credited for the sale.
While Honey users were incensed over Honey’s affiliate link tactics, the move actually hurt content creators. YouTubers and other creators often recommend products, and their fans make their purchase through the creator’s affiliate link to help support them. Affiliate sales can often make up a substantial portion of a creator’s revenue. Honey was essentially stealing those sales from creators.
MegaLag also talks about how Honey is allegedly hurting businesses.
Honey claims it only adds discount codes to its library after seeking permission from the user who used the code. What this means is that if you have Honey installed and you enter a code it doesn’t recognise, the extension asks for your permission to disseminate it. MegaLag is now alleging Honey takes these discount codes whether they receive approval or not.
So why is this a problem?
While it means more discounts for users, it can hurt small businesses. Not all discount codes are intended for the wider public, with some existing for employees, refunds, targeted promotions, etc. In some instances, MegaLag says Honey promoted codes which gave 100% discounts.
When businesses contact Honey, several say Honey was unhelpful when they asked it to remove them from the database. Even worse, several claim (with email evidence) that Honey said it would only remove them if they signed up to be a paying affiliate.
Creator promotions
Some of the discount codes in question were used as part of advertisement promotions. The idea was that podcasters and YouTubers would give out the code, and then businesses would track how many people used it so they could pay the creator accordingly. This model no longer works for small businesses, because they simply can’t track who’s using the code as a result of the promotion, and who got it from extensions like Honey.
Consequently, there are fewer advertisers supporting creators.
MegaLag says Honey is ‘clearly targeting minors’ by working with creators who produce content related to Minecraft, Roblox, and cartoons (not to mention Mr Beast). Backing up his point, he draws attention to a content creator they sponsored who was only 14-years-old. Brazenly, one of her sponsored videos was titled Back to School.
This is all especially problematic as MegaLag further suggests Honey is at its core little more than a massive data harvesting operation. He additionally speculates that this is why PayPal spent $4bn snapping the company up.
Honey isn’t the only potentially-problematic browser extension either:
this Honey scandal is another great reminder that you should always be wary of installing browser extensions. They’re a huge privacy risk, especially if they have permission to read all your browsing behavior https://t.co/tfjIdfsNTZ
— Tom Warren (@tomwarren) December 22, 2025
MegaLag ends by drawing attention to his own extension – Cookie Guard – which alerts users to dodgy activities going on in their browser (available here in Chrome).
Part three of MegaLag’s series is coming soon, and will reportedly contain accusations of criminal activity on the part of Honey.
Featured image via MegaLag
By Willem Moore
From Canary via This RSS Feed.