Social engineering scams come in many forms. Have you thought about what to do when a hacker shows up at your front door? On this episode of One-Minute Wednesday, John McCormack will go over some steps to protect yourself from an attack called “tailgating”, where hackers disguise themselves as legitimate vendors and try to infiltrate your office.
Tailgating
Social engineering utilizes personal interaction and trust for its success. In tailgating, hackers will use a variety of methods to get the trust of one of your team members to gain access to your building.
This can come in the form of fake vendors, delivery workers, or even IT specialists. Cybercriminals will often show up under the guise of having an appointment and will then ask to be granted access to sensitive areas. If they’re convincing enough, you leave your network open to being hacked, having devices implanted with malware, and having physical property stolen.
Addressing Threats
How do you identify and prevent these kinds of threats? A first step is to develop a protocol for ensuring that no one can enter your facility if they don’t belong there. If someone shows up unexpectedly claiming to be with a particular vendor, confirm with that company that they’ve set an appointment with you and sent out one of their team members to your building. Trust, but verify. This will keep you vigilant during unsure situations. As one of our security policies, TechMD will always schedule an onsite appointment and call ahead to let you know we’re coming.
Secondly, if you see something, say something. If someone suspicious enters your office, is vague about what they’re doing there, and hasn’t scheduled any appointments, then you know something is wrong. It’s also a major red flag if they can’t tell you exactly where they’re from. When a TechMD employee shows up at your facility, they will always be wearing the TechMD uniform with our logo. So if you don’t recognize the person and encounter any odd activity like this, be sure to report it to the proper personnel in your organization.
Now that you have more awareness on this physical social engineering attack, you can stay on your guard and keep your company safe. Thanks for tuning in and be sure to join us next week!
