CompTIA Security+ (SY0-501) — Question 454

Recently several employees were victims of a phishing email that appeared to originate from the company president. The email claimed the employees would be disciplined if they did not click on a malicious link in the message.
Which of the following principles of social engineering made this attack successful?

Answer options

• A. Authority
• B. Spamming
• C. Social proof
• D. Scarcity

Correct answer: A

Explanation

The correct answer is A, Authority, because the email was purportedly sent from a high-ranking official, which likely led employees to trust and comply with its demands. The other options, such as Spamming, Social proof, and Scarcity, do not directly apply to the scenario as they do not involve leveraging the authority of a respected figure to manipulate individuals.