Grin Gets Real Podcast logo

Hosted by:

Katya Allison portrait

Katya Allison

Director of Marketing Content at GRIN

How to combat discount code hijacking

In this episode:

Alexander Heckmann

VP of Partnerships at

Is the potential for fraud stopping you from using discount codes? offers Digital Engagement Security for ecommerce sites and online publishers and platforms. Its cleanCART service prevents coupon scrapers from injecting unwanted coupon codes, while cleanAD blocks malicious ads and pop-ups. strives to protect the user experience and prevent fraud, bots, and malware from impacting sites in every vertical.

How to combat discount cod hijacking featured image

Listen to more GRIN Gets Real

About GRIN Gets Real

Welcome to the GRIN gets real podcast, the show for people who want to maximize their marketing potential. From influencer marketing to eCommerce strategy and everything in between, each episode will feature industry experts that share their insights and provide actionable tips to help you achieve your marketing goals. Subscribe and stay tuned!

Full episode details

Preventing discount code hijacking is valuable in the creator economy. 

As coupon extensions like Honey, Capital One Shopping, and Piggy gain more users, having creators offer discount codes can become a risky business. 

“Basically, how these extensions work is, let’s say I have Honey or Capital One Shopping installed, and I see an influencer code in the wild on a YouTube video. Let’s call it “Ben20.” And I go to … and let’s say I type in “Ben20.” As I’m getting ready to check out … [Honey sees] that code get validated in real time. And what they’ll do is they’ll then scrape it into their database. 

And now anyone that comes back to the Bioré would be able to access that code, as long as they have Honey to inject it at the checkout … And now that merchant thinks that attribution is going to be tied to that “Ben20” code, so they have to pay out that merchant on the affiliate fee, and then they lost the margin at checkout.“

As Alexander pointed out, these extensions can not only lose companies money, but they can also make the ROI of influencer marketing impossible to track since they skew results. can help ecommerce sites prevent discount hijacking fraud. 

One surprising insight that Alexander shared is that sometimes, the effects of fraud can be insignificant, and ecommerce sites don’t necessarily have to act on it. 

“Most [cybersecurity] companies are just willing to try and show you like, ‘Hey, there’s an issue here. And it makes economic sense,’ or, ‘Hey, there’s an issue here. It doesn’t typically make economic sense. You have a fraud issue, but it’s such a small amount of money you’re losing right now that you could probably live with, like, just dealing with it.’”

But sometimes, the results of partnering with a cybersecurity company can be massive. Alexander shared that saved one company $70,000 a month and another site $1.3 million in one year. 

Podcast listeners will also learn: 

  • How online fraud has changed over time 
  • Whether or not discount codes impact cart completion and abandonment rates 
  • How bot traffic can affect your site traffic and marketing spend
  • And much more! 

If you’re concerned about whether your company is experiencing significant consequences from fraud, offers a free trial that lets you see what’s happening on your site. Try it today.

Quotes from this episode

S2, Ep17 How to combat discount code hijacking w/ Alexander Heckmann square episode image

“If you run a discount report on Shopify, for example, they can actually show you how many times a code has been used and how often it’s used. And that’s really just a great way to start out to identify, like, how often are your codes being used? If you’re running an influencer campaign with someone that has, you know, maybe 100 or 200,000 followers on their socials, but their code has been used 7,000 times, that’s probably a red flag.” 

“We block these extensions from being able to scrape and inject these codes at checkout. And we’ve been able to recover merchants hundreds of millions in lost revenue from fraudulent affiliate payouts as well as margin discounts.”

“Basically, how we’ve seen them work is they will start to scrape all of these codes into their database. Eventually, they’ll reach out to merchants and say, ‘Hey, we’ve been driving tons of sales to your site.’  What they’re actually doing is they’re just stealing that last-click attribution from affiliates that might have organically driven someone there, like, ‘Well, Honey actually injected the code, so we drove that session.’” 

“Well, from a security point, I think that a lot of security solutions in the next two years are going to be more holistic. Typically, people are addressing one thing, whether you’re addressing bot traffic, or compromised JavaScript, or whatever else. I think you’re gonna see more solutions consolidate their offerings to give people a more economically friendly security solution, where you don’t actually have to be, you know, a security-based engineer to understand what you’re purchasing.”



Want to stay up to date with GRIN Gets Real?

The GRIN Gets Real Podcast aims to cover not just influencer marketing, but every function of your marketing funnel for ecommerce. Join us as we invite the top minds in the influencer and ecommerce industries to discuss strategy, trends, insights and so much more.