A physical security breach where an unauthorized person follows an authorized individual through a secured entrance or checkpoint, exploiting politeness and social norms to bypass access controls.
Tailgating, also called piggybacking, is one of the simplest yet most effective social engineering techniques. It exploits the basic human instinct to hold doors open for others. An attacker simply waits near a secured entrance and follows an authorized person through.
This technique is surprisingly effective in corporate environments. Most people feel awkward challenging someone who appears to belong, especially if they're carrying boxes, wearing a company lanyard, or chatting casually on a phone.
Once inside a secured area, the attacker can access sensitive equipment, plant listening devices, steal documents, install malware on unattended computers, or simply gather intelligence about the organization's security posture.
A penetration tester gained access to a Fortune 500 company's server room by wearing a polo shirt with the HVAC company's logo, carrying a clipboard, and confidently telling the receptionist he was there for a scheduled maintenance check. No one verified his identity at any point.