Which form of attack involves exploiting vulnerabilities in a user's trust in a trusted source?

Prepare for the CompTIA Security+ SY0-601 exam.

Phishing is an attack that specifically involves exploiting a user's trust in what they perceive to be a legitimate or trusted source. Attackers often craft deceptive emails, messages, or websites that resemble those of reputable organizations, prompting users to provide sensitive information such as usernames, passwords, or financial details. The success of a phishing attack hinges on the victim's trust; they are duped into believing they are interacting with a trusted entity, leading them to act in a way that can compromise their security.

In contrast, ransomware is a type of malware that restricts access to the victim's data, usually by encryption, until a ransom is paid. A brute force attack is a method used to gain access to accounts by systematically attempting all possible password combinations, and it doesn't involve exploiting user trust. A man-in-the-middle attack occurs when an attacker intercepts communications between two parties, which can compromise data but is different from the trust-based deception seen in phishing. Thus, the defining characteristic of phishing as a trust exploitation attack makes it the correct choice.
