What is tailgating?
Tailgating (also known as piggybacking) is one of the commonest ways hackers and other mal-actors gain access to restricted areas. The restricted area could be a whole building or an area within it, such as the computer room. The mal-actor follows a person through a secure access point, relying on that person to hold the door or barrier open for them.
How does tailgating work?
In its simplest form, tailgating is following someone through a door that has some form of access control, relying on the other person to hold the door open. How many times have we been going through a door and someone has shouted “Hold the door for me please”?
Other common methods include pretending to be a delivery or repair person, carrying large packages that require both hands, or even just looking busy and important.
Since the UK introduced legislation banning smoking in offices, one of the commonest forms of tailgating is to join a group of smokers outside the target building and re-enter with them.
Why does tailgating work?
Tailgating is a fairly simple form of social engineering that relies on specific attributes of human decision-making known as cognitive biases. When tailgating, the mal-actor relies on the other person following common courtesy, either by refraining from challenging them or even holding the door open for them – things that, from a very early age, we have been trained to do.
Most of us would hold a door open for someone carrying a heavy parcel because we’re kind and courteous – something the mal-actor relies on to successfully tailgate.
See also “What is a Tailgating Attack?” on the Check Point website.
Do you want to learn more?
Network Midlands runs seminars to help you detect and defeat social engineering attacks. Find out more at “The Art of Deception”.