Blockchain ice phishers are on the loose, says Microsoft

Web2, web3, doesn’t matter; phishing attacks will persist.

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

What you need to know

What you need to know

As widespread and beloved as cryptocurrency has become in some corners of the web (and theworld at large), learninghow to mine cryptoisn’t without risks. For example, what if your stockpile of virtual currency scores the attention of a cybercriminal hoping to pull off a blockchain-based phishing attack?

For those not in the loop, the web2 phishing attacks of old have been revamped to fit the realm of web3. For a quick refresher on what web3 means, here’s Microsoft’s definition: “Web3 is the decentralized world that is built on top of cryptographic security that lays the foundation of the blockchain (in contrast, web2 is the more centralized world). In web3, funds you hold in your non-custodial wallet are secured by the private key that is only known to you. Smart contracts you interact with are immutable, often open-source, and audited.”

So how does ice phishing on the blockchain work, then? It’s all about fooling someone into approving fund transfers via seemingly legitimate transactions that have been subtly meddled with (in ways transaction user interfaces don’t always display), allowing criminals to redirect funds to themselves. The icing on the cake of this swindle is that a criminal can gradually build up a stockpile of these approvals only to rapidly empty victims' wallets in one fell swoop, leaving the violated parties high and dry out of the blue.

You can read up on the weeds of ice phishing operations over atMicrosoft’s blog postdiscussing the topic. Though if you want a highlight of the strategies the company advises to avoid being ice phished, they include: Don’t trust the front-end of smart contracts, get your contract audited, and use multiplecrypto wallets.

Get the Windows Central Newsletter

Get the Windows Central Newsletter

All the latest news, reviews, and guides for Windows and Xbox diehards.

Robert Carnevale is the News Editor for Windows Central. He’s a big fan of Kinect (it lives on in his heart), Sonic the Hedgehog, and the legendary intersection of those two titans, Sonic Free Riders. He is the author ofCold War 2395. Have a useful tip? Send it to robert.carnevale@futurenet.com.