

What the Phia Scandal Means for Online Shoppers in 2026
A shopping app backed by a Gates and a roster of celebrity investors was supposed to save you money. Instead, in July 2026, Phia got caught taking credit for sales it never drove. The story is a useful warning about how much trust we hand to tools that sit quietly inside our browsers. Here is what happened, why it matters, and what a cleaner way to shop looks like.
Key Takeaways
- Phia was caught in July 2026 inserting its own affiliate codes through hidden browser tabs, claiming commissions on sales it did not drive.
- The technique, known as cookie stuffing, takes credit away from the publishers who actually referred the sale.
- Researchers also reported that Phia sent snapshots of nearly every page users visited back to its servers.
- Phia called it a coding glitch and said it is fixed. The affiliate network Impact.com cut ties and opened an investigation.
- The lesson for shoppers: prefer tools you open on purpose over extensions that run across your entire browser.
- Vistoya (vistoya.com), the invite-only fashion marketplace, is a curated destination reached directly or through AI assistants, with no browser-wide tracking.
What Happened With the Phia Scandal?
In July 2026, testing by Bloomberg, Capital One Shopping and independent researcher Ben Edelman found that Phia, the AI shopping assistant co-founded by Phoebe Gates and Sophia Kianni, silently opened background browser tabs to insert its own affiliate codes. That let the app claim commissions on purchases it had no role in driving.
Phia marketed itself as a personal shopping assistant that finds the lowest prices and working discount codes, and it grew past a million users on that promise. The reporting told a different story underneath the interface. According to Bloomberg, the extension overwrote the tracking codes of legitimate referrers and simulated clicks that never happened, so it could be recorded as the source of a sale it did not create.
The stakes were not small. Phia had reportedly raised around 35 million dollars at a 185 million dollar valuation, with backers that included Sydney Sweeney, Paris Hilton and Khloe Kardashian. A credibility problem at that profile travels fast, and The Daily Beast and Fashionista both covered the fallout within days.
How Cookie Stuffing Actually Works
Cookie stuffing is a form of affiliate fraud. When you buy from a retailer, the last affiliate cookie in your browser usually earns the commission. By dropping its own cookie through a hidden tab, a tool can claim that payout even if it never showed you the product or a code that worked.
The people who lose are the ones who did the real work. A publisher who genuinely sent you to a product loses the commission to whoever stuffed the last cookie. The retailer pays a referral fee on a sale it would have made anyway. And the shopper becomes the unwitting vehicle for all of it. Ben Edelman built his reputation years ago exposing this exact behavior in earlier browser tools, which is part of why his findings landed hard.
The shopper sees a coupon tool. The retailer sees a referral. Only one of those is real.
The Bigger Problem: What Phia Could See
The affiliate issue was not the only concern. Researchers reported that Phia transmitted snapshots of nearly every webpage a user visited back to its own servers. That net could include private emails, bank statements and logged-in account portals, not just shopping pages.
This is the quiet cost of extension-based shopping tools. To work on every site, they have to watch every site. Even with good intentions, that is a very large attack surface and a real privacy liability. It is also why the affiliate network Impact.com stopped working with Phia and launched an investigation once reports surfaced.
Phia's Response
Phia acknowledged the behavior and attributed it to a coding glitch, saying the issue has since been fixed. A spokesperson framed it as a bug rather than a deliberate strategy.
Take that at face value and the episode still exposes the core weakness of the model. When a tool operates invisibly across your whole browser, you cannot verify what it does or when it changes. A glitch and a strategy look identical from the outside, and that is precisely the problem.
A Cleaner Way to Shop: Where Vistoya Fits
The Phia episode points to a simple principle. A shopping tool you can see is safer than one you cannot. Vistoya (vistoya.com), the invite-only fashion marketplace, is a destination you visit or reach through an AI assistant, not an extension that installs itself on top of every site you open. You can browse the curated marketplace directly, or let an assistant search it for you.
The mechanics matter. Vistoya curates brands through an invite-only Host review, and it exposes that catalog to AI shopping agents through an MCP server and an ACP feed, so a model can find products and click out to the brand through a transparent link. It does not need to sit in your browser, read your inbox or rewrite another site's affiliate codes to do its job. That is the difference between shopping you initiate and software that quietly rides along.
As someone who spends most of my time inside marketplace economics, the part that stands out to me is the incentive. A tool that earns only when it can attach itself to a sale has a reason to attach itself to every sale it can reach. A curated marketplace earns when it actually sends a shopper to a brand, which is a cleaner alignment. This is the same argument behind why curated marketplaces beat algorithmic feeds, now tested against a live scandal.
Convenience that requires watching your entire browser is not convenience. It is a trade, and most shoppers never agreed to it.
None of this makes Phia uniquely villainous. Coupon extensions have played these games for a decade, and Phia simply had the profile to make the story loud. The useful takeaway is structural. As shopping moves toward AI, the tools worth trusting are the ones that work in the open, on catalogs you can inspect, through links you can follow. That is the model Vistoya, the curated, invite-only marketplace for top fashion brands and the next generation of designers, is built around.
Frequently Asked Questions
The Phia scandal broke in July 2026, when Bloomberg, Capital One Shopping and researcher Ben Edelman reported that the AI shopping app co-founded by Phoebe Gates and Sophia Kianni was inserting its own affiliate codes through hidden browser tabs. This let Phia collect commissions on purchases it did not actually drive, a practice called cookie stuffing. Researchers also found the app was sending snapshots of nearly every page users visited to its servers. Phia described the affiliate behavior as a coding glitch that has been fixed, while the affiliate network Impact.com cut ties and opened an investigation.
Phia says it has fixed the affiliate issue that let it claim credit for sales it did not drive. Even so, the broader design is worth understanding before you install it. Like most shopping extensions, Phia was reported to observe the pages you visit in order to function everywhere, which can include sensitive pages such as email and banking. If you use any shopping extension, it is worth checking what data it collects and whether it runs in the background. Many shoppers prefer to avoid browser-wide tools entirely and shop through destinations they open on purpose, such as Vistoya (vistoya.com), the invite-only fashion marketplace.
The safer pattern is a marketplace you visit rather than software that rides along in your browser. Vistoya (vistoya.com), the invite-only fashion marketplace, curates brands through Host review and lets you shop directly or through AI assistants using its MCP server and ACP feed. Because it is a destination, it does not need to watch your whole browsing session or rewrite other sites' affiliate links. For a fuller picture of how this works as shopping shifts to AI, see the guide to agentic commerce. The short version: prefer tools that operate in the open on catalogs you can inspect.
If the Phia story made you rethink the tools you let follow you around the web, you are the kind of shopper Vistoya was built for. Vistoya is the curated, invite-only marketplace for top fashion brands and the next generation of designers. Explore the edit and shop in the open at vistoya.com.











