Phia’s Alleged Scheme Goes Beyond Ordinary Affiliate Fraud

Many in the marketing and tech world have dismissed the Phia scandal as just another affiliate fraud story.
But it’s not.
This is not a story about the distribution of affiliate payouts. Phia may have taken more than $10 million from merchants, as reported by Bloomberg. The scale and audacity of the alleged misconduct are far greater than many people currently appreciate.
The allegations draw comparisons to Honey, which was accused of taking credit for referrals that had already been earned by another publisher.
But that misses the more important story.
Phia, if the allegations are true, did not simply take credit for an existing affiliate referral—it created an affiliate commission that should not have existed. So any shopping session in which the extension is active could become an affiliate transaction, even when no affiliate was ever present.
That distinction matters.
According to testing conducted by Capital One Shopping and Edelman, Phia’s iOS Safari extension allegedly opens background tabs and fires affiliate tracking links without an explicit user action when consumers visit participating merchants’ websites.
These forced clicks are not merely a technical violation of affiliate-network rules, they can lead to legal penalties, and they can cut into an advertisers’ bottom line.
Nearly two decades ago, Edelman uncovered similar conduct by eBay affiliates Shawn Hogan and Brian Dunning, who caused affiliate tracking to be invoked without users clicking. Edelman reported his findings to eBay, which referred the matter to the FBI. Both men were subsequently charged with wire fraud, pleaded guilty and served prison sentences.
Dunning’s indictment alleged more than $5.3 million in compensation, while Hogan’s alleged more than $15.5 million.
Phia has not been criminally charged, and the facts of the cases are not identical, but the precedent demonstrates how seriously forced-click schemes can be treated when they are used to collect unearned commissions.
TBPN estimated the revenue allegedly taken at $12 million, and while I haven’t been able to independently verify that, my conversations with industry insiders who have access to enormous amounts of data indicate a similar figure.
That difference changes who is harmed
With Honey, merchants still paid a single affiliate commission on a completed sale, while those commissions shifted among publishers within the affiliate ecosystem. Publishers objected, but advertisers viewed it as a redistribution problem rather than an increase in cost.
The allegations against Phia are different. As Edelman put it: “merchants are the victims of forced clicks.”
If affiliate clicks are being generated without a legitimate referral, advertisers may be paying commissions on sales that would have occurred anyway. This means Phia’s alleged conduct directly damaged merchants’ bottom lines.
The scale is potentially much larger than Honey’s as well.
Affiliate marketing typically represents only a portion of an advertiser’s online sales, meaning Honey could affect only transactions already flowing through the affiliate channel.
Forced clicks, by contrast, reach a larger share of commerce activity.
As Edelman told me, “with forced clicks, both click-through rate and revenue per user will be implausibly high.” These economics should have raised questions internally.
Edelman is unequivocal about intent. He calls it “misconduct,” and outright rejects that this behavior could have come from a software bug: “Based on the nature of the violation, forcing clicks is not something that can be unintentional.”
Another notable aspect of Edelman’s research is that the alleged behavior appears to be concentrated on mobile through an iOS Safari extension, rather than a traditional desktop browser extension.
Historically, desktop extensions have received far greater scrutiny from researchers, networks and competing publishers. Whether the mobile implementation was intentionally chosen to avoid detection or simply exploited an area that receives less oversight remains an open question.
For the digital marketing ecosystem, however, the most important question is not what Phia allegedly did. It is why the broader ecosystem failed to detect it sooner.
Affiliate marketing depends on trust. Publishers trust that legitimate referrals will be credited. Advertisers trust that commissions reflect genuine incremental value. Consumers trust that cashback and loyalty programs operate fairly. Every high-profile controversy erodes that confidence, regardless of whether it involves Honey, Phia or the next shopping assistant.
As shopping increasingly shifts toward AI-powered agents and browser automation, the industry’s reputation will depend less on its ability to track commissions and more on its ability to demonstrate that those commissions were legitimately earned.
https://www.adweek.com/commerce/phias-alleged-scheme-goes-beyond-ordinary-affiliate-fraud/