What is Ice Phishing?
Reviewed 2026-06-25
Definition: Ice phishing tricks you into signing a transaction that grants a malicious contract permission to spend your tokens — rather than stealing your private keys directly. You keep your wallet, but the attacker gains a standing approval to drain it at any time. The defense is to read every signature request and revoke unknown approvals.
How it works
Unlike credential phishing, which steals your seed phrase or private key, ice phishing targets your token approvals. The attacker presents a fake interface — a fake airdrop claim, a fake mint page, a fake NFT marketplace — that requests a token approval or Permit2 signature. Once you sign, the attacker's contract holds a standing permission to transfer your tokens. The attacker can exercise this permission at any time, often hours or days later when you are not watching. Because your keys are untouched, nothing looks wrong in your wallet until the drain occurs.
How to protect yourself
Read every transaction and signature request carefully before approving. A legitimate approval names a specific protocol you intentionally connected to and have used. An approval to an unknown contract address is a red flag. Check your active approvals regularly and revoke any you did not intentionally grant.
Frequently asked questions
How is ice phishing different from regular phishing?
Regular phishing steals your seed phrase or private key — your entire wallet is taken. Ice phishing steals a token approval — your keys stay in your control, but the attacker gains spending permission over specific tokens until you revoke it.
Can I see if I have been ice-phished?
Yes. An approvals scanner lists every contract that holds a spending approval on your wallet. Any approval you did not intentionally grant is a sign of ice phishing. Revoke it immediately.
Is revoking enough if I was ice-phished?
Yes, if you revoke before the attacker exercises the approval. Revoking removes the permission permanently. If funds were already moved, revoking prevents further loss but does not recover what was taken.