In AP Cybersecurity, intimidation is a social engineering tactic where an adversary threatens a target with negative consequences (like account deletion or being locked out) if they don't comply, using fear to push the victim into a desired action.
Intimidation is one of the psychological tactics attackers use in social engineering. The idea is simple: scare you into acting. An adversary threatens you with a negative consequence (your account gets deleted, your access gets locked, you get in trouble) unless you do what they say right now. That fear short-circuits your judgment.
The CED ties this to a basic fact about people: we naturally want to avoid bad outcomes (EK 1.1.B.2). Attackers exploit that aversion. By dangling a scary consequence in front of you, they get you to hand over a password, click a malicious link, or download a file before you stop to ask whether the message is even real. Intimidation usually shows up over email, text, or social media, though it can happen in person too.
Intimidation lives in Unit 1: Introduction to Security, specifically Topic 1.1, Understanding Social Engineering. It supports three learning objectives. AP Cybersecurity 1.1.A asks you to identify common indicators of social engineering, and intimidation is one of the named tactics (EK 1.1.A.2). AP Cybersecurity 1.1.B asks you to explain how a tactic influences a victim, and intimidation works by leveraging fear of negative consequences (EK 1.1.B.2). AP Cybersecurity 1.1.C asks you to describe possible impacts, which is exactly what happens when a scared victim hands over a password or clicks a malicious link. Social engineering is foundational. Almost every later attack starts with a human being manipulated first.
Keep studying AP Cybersecurity Unit 1
Visual cheatsheet
view galleryUrgency (Unit 1)
Intimidation and urgency are the two tactics the CED names side by side, and attackers love to combine them. Intimidation supplies the threat (your account will be deleted), and urgency supplies the clock (within two hours). Fear plus a deadline is a one-two punch that stops you from thinking.
Phishing (Unit 1)
Intimidation is the psychological lever; phishing is the delivery method. A phishing email that says 'your bank account will be closed unless you verify now' is using intimidation as its engine. The tactic explains why the phishing message works.
Authority (Unit 1)
Both rely on pressure, but they pull different strings. Authority makes you obey because the sender seems important (your boss, the IRS). Intimidation makes you obey because you're afraid of what happens if you don't. Attackers often stack them: a threat that sounds like it comes from someone in charge.
Expect intimidation in multiple-choice 'which tactic is this?' questions. The classic stem describes an email threatening that your account will be deleted, locked, or closed unless you verify a password or click a link, then asks you to name the tactic. Your job is to spot the threat-of-negative-consequence pattern and pick intimidation. Watch the trap: many of these scenarios also include a time limit (within one hour, immediately), which is urgency. Read carefully to see whether the question is testing the threat itself (intimidation) or the deadline (urgency). For free response, be ready to explain WHY the tactic works, not just name it. Intimidation works because humans naturally try to avoid negative consequences, so fear pushes them to act before checking if the request is legit.
Intimidation threatens you with a bad outcome (your account will be deleted), using fear. Urgency pressures you with time (you have one hour), using haste. They often appear in the same message, so look at what's doing the work: if the core lever is a threat, it's intimidation; if it's a ticking clock, it's urgency. When a question lists both elements, match it to whichever the answer choices emphasize.
Intimidation is a social engineering tactic where an attacker threatens negative consequences to force you to comply.
It works by exploiting a natural human aversion to bad outcomes, so fear gets you to act before you can verify the request.
Intimidation and urgency are different: intimidation uses a threat, urgency uses a deadline, and attackers often combine both in one message.
On the exam, the giveaway is a threat phrase like 'your account will be deleted/locked/closed unless you...'
A successful intimidation attack can lead to a victim handing over a password, a one-time code, or clicking a malicious link.
Intimidation is a social engineering tactic where an adversary threatens a target with negative consequences if they don't comply. It uses fear of a bad outcome (like losing an account) to manipulate the victim into acting.
No. Intimidation relies on a threat of negative consequences, while urgency relies on time pressure. They show up together often, like an email that says your account will be deleted (intimidation) within one hour (urgency), but they're distinct tactics in the CED.
Look at the main lever in the scenario. If the core threat is a bad consequence (account locked, deleted, closed), it's intimidation. If the focus is on a deadline that makes you rush (within two hours, immediately), it's urgency.
It works because humans naturally try to avoid negative consequences. By drawing attention to a scary outcome, attackers trigger fear, and fear pushes you to act fast without stopping to check whether the message is real.
You could hand over personal info, a one-time password or login code, or download malware by clicking a malicious link. That can let an adversary impersonate you or log in to your accounts as you.
Connect this key term to the AP exam workflow: review the course, practice questions, and check related study tools.