Which of the following is NOT a type of Social Engineering Attack?

The reason why the choice of Trojan Horse is identified as not being a type of social engineering attack lies in the fundamental nature of the term "social engineering." Social engineering attacks primarily exploit human psychology and social interactions to manipulate individuals into divulging personal information or performing actions that compromise security.

Spear phishing, vishing, and catfishing are all direct manipulations of individuals or groups using deceptive techniques. Spear phishing targets specific individuals with tailored messages, often masquerading as legitimate communications to trick them into revealing sensitive information. Vishing, or voice phishing, involves phone calls that aim to extract personal or financial information from victims under false pretenses. Catfishing refers to the practice of creating a fake persona online to deceive individuals, often for romantic or financial gain.

In contrast, a Trojan Horse is a type of malicious software that appears to be legitimate but is designed to harm the computer or network once activated. While it can lead to security breaches, it does not directly involve manipulating human psychology in the way that social engineering attacks do. Thus, Trojan Horse does not fit within the social engineering context, which is why it is the correct answer to the question presented.