As an IT security manager for a retail company, you receive reports about a phishing campaign targeting your employees via text messages, which claim to be from the IT department. The messages request immediate confirmation of account details to prevent account deactivation. Which of the following represents the threat vector used in this scenario?