A agree with most of it, but…

If you (a business) want to give out coupons only “internally” (usually only to employees), allowing ANYONE to redeem them is just stupid. That system is designed to be exploited. IMO, this is either a bug or very bad application planning.

---

And I have an idea for a honey trap trap… Whenever someone tries to redeem the code in your shop, do this: If the person is employee, let them redeem. If not, display “Attention! You have a dangerous spyware called Honey on your PC. Please install it as soon as possible” with a link to this video…