Which of the following is NOT a type of social engineering attack?

Ransomware is not considered a type of social engineering attack because it primarily involves malicious software designed to deny access to data or systems until a ransom is paid. Instead of manipulating an individual into divulging confidential information or performing an action, ransomware exploits software vulnerabilities or users' negligence to infect systems.

In contrast, phishing, spear phishing, and pretexting are all forms of social engineering attacks that rely on human interaction and psychological manipulation. Phishing involves sending deceptive messages to trick individuals into revealing personal information; spear phishing is a targeted variant of phishing that personalizes the approach to specific individuals or organizations; and pretexting involves creating a fabricated scenario to extract sensitive information from victims, often by impersonating a trusted entity. Each of these attacks relies on exploiting human psychology, which is the hallmark of social engineering. Thus, ransomware stands apart as it does not involve these human-targeted tactics but rather operates through software exploitation.