Hoax

Baiting

Pretexting

Spam

AThe best answer is A. Hoax because the scenario is built around a false alarm message designed to provoke fear, urgency, and reactive behavior rather than to deliver a real payload. In CEH-aligned social engineering concepts, a hoax typically involves distributing a fabricated warning (for example, claims of imminent system failure, viruses spreading internally, accounts being deleted, or catastrophic outages) to manipulate users into taking unnecessary actions or spreading the message further. The key trait is that the content is intentionally untrue and aims to exploit human psychology—especially urgency and fear—to disrupt normal operations or trigger unsafe decisions.Here, Liam impersonates the security team and claims “all systems will shut down within 24 hours” unless employees act. Even though the email contains no malware, it still achieves a common hoax outcome: confusion, loss of productivity, and increased helpdesk load as employees contact IT. In real-world attacks, hoaxes can be used as a precursor to more damaging steps (e.g., pushing victims toward unsafe links, persuading them to install fake “patches,” or creating noise that distracts defenders), but the defining characteristic remains the false security warning and the behavioral manipulation it causes.Why the other options are less correct: Baiting relies on enticing victims with something appealing (free software, prizes, “exclusive” content) to get them to click or plug in media; this scenario is fear/urgency, not temptation. Pretexting is the creation of a believable fabricated identity/story to obtain information or actions; while impersonation is present, the question’s hallmark is the deliberately false alarm consistent with a hoax. Spam refers to unsolicited bulk messaging and is not defined by deception about imminent shutdowns or security crises.Therefore, Liam is demonstrating a hoax social engineering technique.