Avoiding The Crypto Ice Phishing Scam

How To Avoid The Crypto Ice Phishing ScamHere’s how to avoid the Crypto Ice Phishing Scam, a new threat that affects users of Web3 blockchain and cryptocurrency wallets.

Ice phishing is a specific type of scam only appearing in Web3 and, according to a particular firm, “presents a considerable risk” for crypto users.

A blockchain security provider recently warned crypto users to be wary of “ice phishing” scams, a fraud targeting Web3 users that Microsoft first spotted in 2021.

In a December 20th review report, the provider referred to ice phishing scams as an attack that tricks Web3 participants into signing permissions, enabling fraudsters to spend their tokens.

Unlike traditional phishing schemes that try to access sensitive information such as private keys or passwords, these fake websites attempt to scam FTX investors by saying they can help recover lost funds.

Another case was on December 17th, where 14 Bored Apes were stolen, demonstrating a sophisticated ice phishing attack: an investor was tricked into signing off on a transaction for what appeared to be a movie contract, permitting the scammer to purchase all the user’s Apes almost for free.

The firm stated that this scam is a “considerable risk” and usually exists in Web3, where investors must authorize permission to decentralized finance (DeFi) protocols that can be dangerously falsified.

A hacker must make the user think that the fraudulent address they are permitted to access is actual. Once users allow their tokens to be spent, their assets can be taken without consent.

If a scammer is successful, they can move assets to any address they designate.

How To Avoid The Crypto Ice Phishing Scam

To guard against ice phishing, the security firm recommends that investors use a token approval tool and a blockchain explorer site like Etherscan to remove access from any addresses they don’t recognize.

CertiK, the security firm, emphasized the importance of verifying official websites and platforms before interacting with them, citing a fake Optimism Twitter account as an example of how they could be taken advantage of.

In addition, the firm recommended that users take a couple of minutes to verify trustworthiness by visiting a reputable website, like CoinMarketCap or CoinGecko, to ensure that the URL is valid.

Microsoft, a major tech company, brought up this practice in a February 16th blog post, claiming that while username and password phishing is persistent on the Web2 world, crypto-based ‘ice phishing’ makes it possible for scammers to take a big part of the crypto industry with practically no traces.

To help lower the risk of users encountering ice phishing attacks, it’s suggested that Web3 projects and wallet providers enhance their software security instead of expecting users to take all the necessary precautions against the Crypto Ice Phishing scam.

Avoiding The Crypto Ice Phishing Scam
How To Avoid The Crypto Ice Phishing Scam
Scroll to top