Little talked about when we talk about the “art of deception”, tailgating can allow a malicious actor to enter the physical perimeter of your company.
Tailgating: An Unknown, Yet Dangerous, Social Engineering Trick
If you Google tailgating right now you might
come across a definition that will clipping path confuse you as to why we’re talking about it. In English, this term is used to refer to the dangerous act of driving your car too close to the vehicle in front, a common strategy for passing automatic toll gates, for example. However, the tailgating we’re going to talk about here has absolutely nothing to do with cars or good driving practices.
We are talking about the second use of the term, which refers to an unknown but very dangerous social engineering scam. Similar to the automotive situation, in tailgating , the criminal takes advantage of the proximity of an authorized person to invade a restricted area, either by following the employee with access permission or by creating a situation so that the employee lets him pass.
Convincing through emotion
Imagine that you work for a large corporation whose premises encompass an entire building. There are security guards and cameras everywhere. To enter, you need to present your magnetic card — unique and non-transferable! — at the rotating turnstile. However, when you do so, you encounter a guy who says he has lost his card. He is well-dressed, friendly, and asks you to let him in because he will be late for a meeting.
In this situation, how would you react? Unfortunatel
most people, out of compassion, would release the turnstile for the supposedly unknown coworker. What if we told you that this coworker is actually a Проектирано и разработено от RedHatMedia cybercriminal who used an emotional ruse to convince an individual with privileged access to give him free access to the company premises, allowing him to steal assets, spy on documents, and even infect computers with a flash drive?
This is a tailgating scam . At a time when companies are gradually returning to in-person work (or hybrid work, in which employees are free to work independently whenever they want), this threat, which was already forgotten by many when we talk about social engineering, becomes quite serious again, since having a cybercriminal or a spy within the company’s physical perimeter can america email list have consequences as serious as being infected by malware.
