Tailgating in social engineering is a physical security attack where an unauthorized person gains access to a restricted or secured area by closely following someone who has legitimate access. Instead of using hacking or technical means, the attacker exploits human trust, politeness, and social norms—such as holding the door open—to enter places they are not allowed. This form of social engineering relies on deception, coercion, or trickery to bypass physical barriers like locked doors or security checkpoints. Common tactics include pretending to be a delivery person, a maintenance worker, or an employee, and covertly or openly following an authorized person through an access door without valid credentials. Sometimes the attacker even convinces the authorized person to hold the door or grant access out of courtesy. Tailgating presents significant risks including theft of physical devices, unauthorized access to sensitive information, planting malware, and potential sabotage within the organization. Because it exploits human behavior rather than technical vulnerabilities, effective prevention includes employee training, strict security protocols, use of physical barriers like turnstiles, and vigilant monitoring of access points. In essence, tailgating highlights the human factor as a critical vulnerability in an organization's security infrastructure, making awareness and physical security measures essential defenses against this threat.
