Coupons are a great marketing tool. They increase customer loyalty, encourage repeat purchases, and incentivize people to sign up for loyalty programs, newsletters, and other company initiatives. People are familiar with coupons and use them frequently: In 2025, 90% of consumers reported using a coupon for shopping.

But coupons can be misused too, and the term for that is coupon glittering. In this article, we will explain what coupon glittering is, what different coupon glittering techniques exist, and how you can protect your business against coupon glittering as part of a wider strategy to protect coupon sites from bots.

Key takeaways

• Coupon glittering exploits loopholes in promo code logic, causing revenue loss and analytics distortion
• Fraudsters use web scraping bots to decode and exploit coupons at scale, then sell access through illegal markets
• Traditional rate-limiting fails against sophisticated bots that mimic human behavior
• Real-time bot and agent trust management blocks coupon abuse in under 2ms without impacting legitimate shoppers

What is coupon glittering?

Coupon glittering is the umbrella term for using coupons, promo codes, or discounts in a way they weren’t meant to be used. It means searching for loopholes or glitches in how coupons are programmed to take unfair advantage of them. This used to be called coupon glitching, but is now called coupon glittering, so it doesn’t sound as if you’re committing coupon fraud (even though you are).

Modern coupon glittering goes far beyond individual shoppers looking for deals. Organized fraud networks deploy sophisticated web scraping bots to systematically analyze how promotional codes are structured, identify exploitable patterns, and automate attacks at scale. With AI-powered tools, fraudsters can test thousands of coupon variations per second, making manual oversight ineffective.

Coupon glittering is particularly prevalent in brick-and-mortar stores, where the system can be gamed more easily, but it’s a threat for online stores too. Any online coupon, promo code, or discount can be misused and lead to lost revenue, a poor user experience, and lost time trying to figure out why your coupons are used in ways you didn’t intend.

The stakes for online promo codes are incredibly high because they offer immediate financial reward for fraudsters. As Maya Nigrin, Software Engineer at Klaviyo, explains:

“With the addition of coupons, the incentive for malicious users also became higher. It was no longer just about getting on a list; they would immediately receive something with a certain monetary value,” she explained.

Read how Kalviyo prevents coupon abuse with DataDome here.

6 most common coupon glittering techniques

Fraudsters use web scraping bots to analyze your website’s promotional logic and identify exploitable vulnerabilities. Once they understand how your coupons work, they deploy several techniques to maximize fraudulent gains:

1. Coupon stacking

Coupon stacking involves combining multiple promotional codes on a single transaction when only one was intended, often reducing the final price to zero or near-zero. Bots test thousands of code combinations per second to find stackable discounts.

2. Coupon duplication

Copying single-use promo codes and applying them to unlimited transactions is coupon duplication. Fraudsters reverse-engineer how codes are generated, then create duplicate or variant codes that bypass usage limits.

3. Coupon misapplication

Bad actors apply promotional codes to products, categories, or customer segments they weren’t designed for. For example, using a “first-time customer” discount repeatedly or applying product-specific codes to your entire catalog.

4. Code generation

Fraudsters analyze the pattern or algorithm behind how your system creates promo codes, then generate valid codes without authorization. If your codes follow predictable patterns (e.g., SAVE10, SAVE15, SAVE20), bots can extrapolate the entire series.

5. Time manipulation

Time manipulation involves exploiting coupons outside their intended validity windows by manipulating timestamps or exploiting server-side validation weaknesses to use expired or not-yet-active promotions.

6. Account takeover integration

Fraudsters often use coupons on accounts that they’ve gained access to through account takeovers, allowing them to use compromised customer accounts to stay anonymous and avoid detection. This technique also lets fraudsters use stolen payment methods alongside these coupons.

How coupon fraud is distributed through fraud networks

Once fraudsters decode exploitable coupons, they monetize them through:

• Glitter groups: Private social media communities where members share and trade exploitable promo codes
• Fraudulent coupon sites: Websites designed to look legitimate that sell or distribute decoded promotional codes
• Dark web marketplaces: Underground forums where high-value exploits are sold to other fraudsters

These distribution channels transform individual coupon vulnerabilities into large-scale fraud operations, multiplying your revenue loss exponentially.

How to protect your business against coupon glittering

Fraudsters rely on automated tools—not manual effort—to exploit promotional campaigns at scale. They deploy sophisticated scraping bots that mimic human behavior, making them difficult to detect with traditional security measures like rate-limiting or CAPTCHAs. Protecting yourself against coupon glittering requires bot and agent trust management that analyzes request intent in real time, distinguishing legitimate shoppers from automated fraud before checkout manipulation occurs.

That’s where DataDome’s bot and agent trust management comes in. Our real-time protection analyzes intent, not just identity, to stop fraud in under 2ms while letting legitimate users through seamlessly. By leveraging thousands of AI models and 5 trillion signals analyzed daily, DataDome protects websites, mobile apps, and APIs from all forms of automated threats, including the sophisticated scraping bots used for coupon glittering.

Curious whether your website is vulnerable to scraping bots that execute coupon fraud? Test your website with our free Vulnerability Scan or book a demo today to learn more.