Tailgating Attack

Howard Poston
Oct 19, 2023
Tailgating Attack

A tailgating attack is when the attacker gains access to a secure area by following an authorized individual, or “tailgating,” through a restricted entryway. The attacker, or “tailgater,” will closely follow the authorized individual to avoid being noticed. Tailgating attacks are less sophisticated than modern-day cyber attacks but can be as dangerous. Physical security measures are critical in preventing tailgating attacks.

Examples of Tailgating Attacks

Below are examples of tailgating attacks:

  • A distracted employee exits a building while on his phone and does not close the door behind them, which allows an unauthorized person to enter the building.
  • A company employee is deceived into opening the door to an individual who claims to be a contractor.
  • An employee enters a secure area through an unlocked door, and an unauthorized person follows closely behind them and enters the building without hesitation.

As noted, tailgating attacks could be more sophisticated, and it may be hard to believe they occur. However, a well-known tailgating attacker is the subject of the Hollywood film “Catch Me If You Can.”

How to Prevent Tailgating Attacks

Tailgating attackers may come across as someone authorized to be in a secure area because of their confidence or perceived knowledge. However, to mitigate this and prevent unauthorized access, here are some steps companies can take to protect themselves from tailgating attacks:

  • Security guards: The most effective way to prevent unauthorized access is by stationing security guards in key building areas. They can also check IDs to verify that individuals are who they say they are.
  • Access control system: Access control systems utilize electronic locks to control access to a secure area. These systems can also keep track of who entered and exited a room.
Howard Poston

Howard Poston is a copywriter, author, and course developer with experience in cybersecurity and blockchain security, cryptography, and malware analysis. He has an MS in Cyber Operations, a decade of experience in cybersecurity, and over five years of experience as a freelance consultant.

Glossary Terms

Stay up to date with the most recent #infosec topics

Trending Topics

Interested In
Next-Gen MFA?

Discover Multi-Pass enterprise passwordless authentication

Share the page: