An attacker sends an email to a group of employees, claiming that most of their colleagues have already signed up for a new company initiative that requires logging into an external portal. The email includes testimonials from supposed coworkers who have benefited from the initiative and encourages recipients to join them. What principle of social engineering is being exploited in this scenario?
The principle of consensus, or social proof, involves convincing targets that a certain behavior is the norm or widely accepted by their peers. This encourages them to conform to what they believe others are doing, leading them to log into the external portal as suggested in the email​​.
The principle of consensus, or social proof, involves convincing targets that a certain behavior is the norm or widely accepted by their peers. This encourages them to conform to what they believe others are doing, leading them to log into the external portal as suggested in the email​​.