Tailgating
What is Tailgating?
Tailgating is a social engineering technique in which an unauthorized person gains physical access to a restricted area by following closely behind an authorized person and relying on courtesy, distraction, or routine behavior to avoid being challenged.
Examples
- An attacker carrying a box walks behind an employee entering a badge-controlled office door and is let in without using their own credentials.
- Someone follows a staff member through a secure entry point by pretending they forgot their access card.
Discover 🔎
Many people think of security breaches as digital events, but physical access can be just as dangerous. If an attacker can get into the building, the office, the data center, or the controlled area, they may not need to defeat every technical safeguard directly. They may be able to steal devices, observe screens, plant hardware, access unlocked systems, or move closer to sensitive people and processes.
Tailgating matters because it turns normal human politeness into a weakness. The attacker is not forcing the door open or breaking the lock. They are relying on the target to treat secure access like an ordinary social interaction instead of a controlled security decision.
Summary 📝
Tailgating is a social engineering attack that bypasses physical access control by exploiting politeness, routine, and hesitation to challenge others. The attacker does not need to defeat the lock directly if they can persuade someone else to weaken the control for them. Strong defense depends on combining sensible physical controls with a culture that treats identity verification at the door as normal security behavior.