Phoebe Gates' shopping app Phia accused of silently injecting fake affiliate codes to steal commissions
Key Points
- Phia's browser extension silently injects its own affiliate codes into background tabs during checkout, overriding legitimate publisher referrals and capturing commissions without user interaction or knowledge.
- Bloomberg testing found $12 million-plus in sales attributed to Phia through this mechanism, translating to roughly $300,000 to $400,000 in disputed commissions over six months of undetected activity.
- Civil theories including deceptive practices, unjust enrichment, and unauthorized alteration of tracking data are cited as plausible; wire fraud charges remain possible if intent is proven.
Summary
Phia's affiliate scheme could be cruder than Honey's—and has been running undetected for six months
Phia, the shopping assistant app co-founded by Phoebe Gates, stands accused of silently injecting its own affiliate tracking codes into background browser tabs without user interaction, overriding legitimate publisher referrals and capturing commissions it did not earn. A Bloomberg investigation tested Phia's mobile extension across more than 50 websites and found the extension opening background tabs during checkout and inserting its own referral code automatically—behavior that Ben Edelman, an independent affiliate marketing researcher, says violates the foundational rule of the industry: commission is only paid when a user clicks.
The mechanism is straightforward. A shopper visits a review site like horsereviews.com, reads comparisons, clicks through to a retailer like clydesdalesdirect.com, and completes a purchase. Normally, the review site's referral token gets stored in a cookie and credited when the transaction closes. The retailer sends payment to horsereviews.com. Phia, however, overwrites that attribution without the shopper's knowledge or action—the shopper never clicks on Phia, never sees a Phia prompt, the extension just fires in the background. The result is that Phia claims the sale, the retailer pays Phia's commission instead of the publisher's, and the publisher loses revenue.
The difference from Honey—the previous scandal in this space—is material. Honey generally required some user interaction before overwriting attribution, even if only clicking to dismiss a Honey popup. Phia requires none. The Bloomberg investigation found Phia's extension injecting codes "without any Phia interaction at all," according to the transcript.
Scale and duration
Bloomberg's testing identified $12 million-plus in sales attributed to Phia through this mechanism. At typical 3 percent affiliate commissions, that translates to roughly $300,000 to $400,000 in disputed payouts. The behavior has been running since approximately January or December of 2025—around six months—suggesting either a prolonged software bug or an undiscovered revenue stream. The fact that it went undetected across a diffuse network of affected retailers is plausible; individual merchants wouldn't notice a few hundred dollars moving between affiliate buckets when they process millions in sales monthly.
Legal exposure
The Bloomberg reporting cites civil theories including deceptive practices, unjust enrichment, interference with contracts, and unauthorized alteration of tracking data as "quite plausible." Google prohibits background affiliate link injection; Apple requires Safari redirects to be disclosed. Affiliate network contracts generally require genuine user referrals and forbid overriding another publisher's attribution. Wire fraud charges are possible if the behavior is proven intentional—the Justice Department has prosecuted cases involving commissions on sales the fraudster did not generate—but that requires proof of intent and access to facts not yet public.
Bloomberg explicitly avoids alleging a specific crime, but notes that if the facts are accurate, "the behavior appears far beyond mere rudeness."
The larger picture
Phia raised capital from prominent celebrities and was positioned as Gates' independent venture. The timing and nature of the accusation come after months of skepticism on social media about why the company needed venture backing and whether it would succeed. The investigation lands at a moment of maximum reputational vulnerability.
Every deal, every interview. 5 minutes.
TBPN Digest delivers summaries of the latest fundraises, interviews and tech news from TBPN, every weekday.