Amazon Warns About the Risks of Using the ‘Honey’ Browser Extension

Last updated September 20, 2021
Written by:
Bill Toulas
Bill Toulas
Infosec Writer

Amazon is openly calling the “Honey” browser extension a security risk and is serving Amazon shoppers with a relevant security warning. As the e-commerce giant mentions in its warning, Honey tracks people’s private shopping behavior, collects data like order history and saved items, and reads content from the visited websites. Amazon concludes the message by suggesting the removal of this extension, saying that offers, deals, and coupons are available to shoppers anyway whether they are using Honey or not.

Honey is a browser extension that automatically finds offers on over 40000 online shops (including Amazon) and automatically applies coupon codes at checkout. Moreover, the extension can track the price of an item and send a notification to the user when it drops below a defined threshold, while there’s also a rewards program (Honey Gold). All that said, Honey saves money and time, and that’s why millions of people have it installed and active on their browser. In November, PayPal paid $4 billion to acquire the company behind Honey, which was a move that confirmed the value of the service. PayPal hasn’t clarified what their integration plan was if there was one, but they felt they had to rush and buy the company anyway.

Many claim that this move by Amazon is not a sudden realization of the security risks that underpin browser extensions in general and Honey has been compatible with it for years anyway. The issue here, according to business experts, is that Amazon objects Honey precisely because it’s now part of its rival PayPal. The timing of this warning is definitely suspicious, but Amazon claims that they are merely trying to raise their customers’ awareness about extensions that collect personal shopping data without their consent.

This last part is where Honey is placing its main point of a dispute over Amazon’s claims. Honey says they are doing nothing outside what is defined by the security and privacy policy, to which users agree before the extension is activated. Moreover, Honey has reminded everyone of the fact that they regularly work with security firms who assess the service, and last summer, they fixed a severe user data privacy flaw that was discovered thanks to these programs. Thus, Amazon seems to have reacted in an oversensitive manner against PayPal's latest acquisition, and it really looks like this is a matter of business competition that has nothing to do with helping its customers stay safe and protected. If Amazon presents a Honey alternative soon, this scenario will have been confirmed beyond any doubt.



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: