The principle of authority in social engineering attacks relies on exploiting people's tendency to comply with figures of authority or individuals who appear to have power or knowledge. Attackers leveraging this principle impersonate authoritative figures, such as executives, IT administrators, or security personnel, to manipulate victims into following their instructions without question. By posing as someone in a position of power or expertise, the attacker gains the trust and compliance of the victim, making it easier to deceive them into divulging sensitive information, granting access to systems, or performing actions that compromise security.