Ice Phishing
A crypto attack where the victim is tricked into signing a transaction that transfers asset ownership to an attacker without any malware being involved.
Also known as: Web3 social engineering, transaction signing scam
Last reviewed: 10 June 2026
Ice phishing is distinguished from traditional phishing by the absence of credential theft or malware. Instead, attackers present a legitimate-looking transaction request (usually through a phishing site or a compromised front-end) that asks the victim to sign a message or transaction reassigning ownership or approval of their assets.
The term was coined by Microsoft security researchers and specifically refers to the social engineering of the signing step in Web3 interactions. The "ice" metaphor reflects the slow, patient nature of the preparation: attackers may spend weeks building realistic fake interfaces before harvesting approvals in bulk.
Because no malware is involved, antivirus tools offer no protection. The only defence is carefully reading every transaction prompt, using a hardware wallet that displays decoded transaction data, and treating unsolicited "connect wallet" prompts with extreme suspicion.