What is authority bias in scams?
Authority bias makes people more compliant with requests from perceived authority figures. Phishing impersonates: executives, IT departments, government agencies, and other authorities to leverage this compliance tendency.
Attack examples: CEO requesting urgent wire transfer, IT requiring password for "security update," or "legal department" demanding immediate document access. Authority triggers compliance instincts.
Defense: establish verification procedures regardless of apparent authority. Even legitimate executive requests should follow proper channels for sensitive actions. Authority claims through email alone shouldn't bypass controls.
Was this answer helpful?
Thanks for your feedback!