Roles to play when tailgaiting into a residential building
up vote
66
down vote
favorite
Following people into a large RFID protected residential building is ridiculously easy, as not everyone knows everyone else. Just the other day I was let in with a rifle (an airgun, but how could have they known).
But standing helplessly in front of the door, looking in sorrow at the lock, is not the best role to play as it attracts questions like "who are you" or "who are you visiting".
What is a more appropriate behavior when waiting around for someone to enter?
social-engineering physical-access
asked 2 days ago
Vorac
75511121
add a comment |
up vote
66
down vote
favorite
Following people into a large RFID protected residential building is ridiculously easy, as not everyone knows everyone else. Just the other day I was let in with a rifle (an airgun, but how could have they known).
But standing helplessly in front of the door, looking in sorrow at the lock, is not the best role to play as it attracts questions like "who are you" or "who are you visiting".
What is a more appropriate behavior when waiting around for someone to enter?
social-engineering physical-access
asked 2 days ago
Vorac
75511121
21
Wait for people to come out for a smoke, smoke with them while talking to them. When they go back in, you join them.
– Jeroen - IT Nerdbox
2 days ago
8
"but how could have they known" - Not sure where you're located but if you can buy an air rifle and carry it around without much bother then that likely means you're in a place where the locals know what air rifles look like and you happened to run into one.
– Freiheit
yesterday
20
If someone carrying a rifle tried to follow you into a building, would you challenge them?
– Jeffrey Bosboom
yesterday
What has become of pushing every button on the doorbell panel? Someone always opens...
– Damon
1 hour ago
add a comment |
up vote
66
down vote
favorite
up vote
66
down vote
favorite
Following people into a large RFID protected residential building is ridiculously easy, as not everyone knows everyone else. Just the other day I was let in with a rifle (an airgun, but how could have they known).
But standing helplessly in front of the door, looking in sorrow at the lock, is not the best role to play as it attracts questions like "who are you" or "who are you visiting".
What is a more appropriate behavior when waiting around for someone to enter?
social-engineering physical-access
asked 2 days ago
Vorac
75511121
Following people into a large RFID protected residential building is ridiculously easy, as not everyone knows everyone else. Just the other day I was let in with a rifle (an airgun, but how could have they known).
But standing helplessly in front of the door, looking in sorrow at the lock, is not the best role to play as it attracts questions like "who are you" or "who are you visiting".
What is a more appropriate behavior when waiting around for someone to enter?
social-engineering physical-access
social-engineering physical-access
asked 2 days ago
Vorac
75511121
asked 2 days ago
Vorac
75511121
asked 2 days ago
Vorac
75511121
asked 2 days ago
Vorac
75511121
asked 2 days ago
Vorac
75511121
75511121
21
Wait for people to come out for a smoke, smoke with them while talking to them. When they go back in, you join them.
– Jeroen - IT Nerdbox
2 days ago
8
"but how could have they known" - Not sure where you're located but if you can buy an air rifle and carry it around without much bother then that likely means you're in a place where the locals know what air rifles look like and you happened to run into one.
– Freiheit
yesterday
20
If someone carrying a rifle tried to follow you into a building, would you challenge them?
– Jeffrey Bosboom
yesterday
What has become of pushing every button on the doorbell panel? Someone always opens...
– Damon
1 hour ago
add a comment |
21
Wait for people to come out for a smoke, smoke with them while talking to them. When they go back in, you join them.
– Jeroen - IT Nerdbox
2 days ago
8
"but how could have they known" - Not sure where you're located but if you can buy an air rifle and carry it around without much bother then that likely means you're in a place where the locals know what air rifles look like and you happened to run into one.
– Freiheit
yesterday
20
If someone carrying a rifle tried to follow you into a building, would you challenge them?
– Jeffrey Bosboom
yesterday
What has become of pushing every button on the doorbell panel? Someone always opens...
– Damon
1 hour ago
21
21
Wait for people to come out for a smoke, smoke with them while talking to them. When they go back in, you join them.
– Jeroen - IT Nerdbox
2 days ago
Wait for people to come out for a smoke, smoke with them while talking to them. When they go back in, you join them.
– Jeroen - IT Nerdbox
2 days ago
8
8
"but how could have they known" - Not sure where you're located but if you can buy an air rifle and carry it around without much bother then that likely means you're in a place where the locals know what air rifles look like and you happened to run into one.
– Freiheit
yesterday
"but how could have they known" - Not sure where you're located but if you can buy an air rifle and carry it around without much bother then that likely means you're in a place where the locals know what air rifles look like and you happened to run into one.
– Freiheit
yesterday
20
20
If someone carrying a rifle tried to follow you into a building, would you challenge them?
– Jeffrey Bosboom
yesterday
If someone carrying a rifle tried to follow you into a building, would you challenge them?
– Jeffrey Bosboom
yesterday
What has become of pushing every button on the doorbell panel? Someone always opens...
– Damon
1 hour ago
What has become of pushing every button on the doorbell panel? Someone always opens...
– Damon
1 hour ago
add a comment |
3 Answers
3
active
oldest
votes
up vote
98
down vote
There are some basic social engineering approaches to use that work in most situations, not just tailgating:
- urgency
- authority
- curiosity
- pretexting
Urgency
Be someone with a specific task to perform that needs to be done right now. The classics are a delivery person with full arms and someone looking to pick someone else up. A family member needing to check on an elderly resident. People want to be helpful and they don't think that you will be around long enough to be a threat.
Authority
Be someone who the gatekeeper has no right or reason to refuse. Fire marshal, utilities inspector, law enforcement, building security, process server. Lots of studies of people being let in with a just clipboard and a high-visibility vest.
Curiosity
To get close to someone, be very interesting in such a way that they want to know more. Dress up as a clown to deliver a telegram.
Pretexting
Establish a shallow relationship that appears to be deeper. Smoking with people outside on their break is classic. The smokers will assume you are also an employee (why else would you be there?)
Combinations
But these work even better in combination. A fire marshal in an awful rush. A clown who claims he was at the last company party (and knows a few important names). The more combinations you can combine, the more effective the process is: an authority figure, in a rush, to do something interesting, who claims to have a pre-existing relationship. If you go over the top or try to hard, it will backfire, though.
answered 2 days ago
schroeder♦
70.5k27152188
142
So you are saying a smoking clown with with a fire axe on his back and a police cap on the head hodling 6 packages with a cliboard lying on top demanding to enter the building to check on his elderly mother because he is worried that there is a gas leak would not work? I guess, I'll have to send everything back then.
– problemofficer
2 days ago
50
"Lots of studies of people being let in with a just clipboard and a high-visibility vest." - for most large buildings I've worked/lived in, all you'd have to say is "I'm here to work on the AC (or heater)" and they'll roll out the red carpet for you.
– Lord Farquaad
2 days ago
7
I suspect combinations are a bad idea. You want to avoid making the mark think too closely. Each of the examples seems to be a normal individual and a lazy thinking mark will let them in. I think you are right with the last sentence that combinations can backfire, but I think the threshold for decreasing your chance of success is lower.
– Ross Millikan
2 days ago
33
This is a good answer. I would also add "social awkwardness," as in people will avoid interacting with you if they think it would be awkward. For example, you could wait for someone to approach the gate then walk in with them while talking continuously on your cell phone-- most people won't want to interrupt.
– John Wu
2 days ago
12
@John that's definitely something you could combine. A guy with a vest and clipboard (or suit and clipboard, depending on the place), on the phone with a confident nod toward the security guard as he walks in would be pretty solid.
– Cullub
yesterday
|
show 2 more comments
up vote
37
down vote
Just stand outside the door at some distance talking on your phone. Don't look at the door, don't look at the person coming to open it, don't look like you want to get in. Don't ask to be let in. Don't engage in conversation. Just let the person open the door and go through. Then in the last second before it closes and lock, you walk through still talking on your phone.
Wearing a costume or high-vis will make you... well, highly visible. In some places you might need the costume and the excuse to get in. But in a lot of places, just blending in like an unmemorable nobody is quite enough. Dress like you belong, don't ask, just walk.
As a disclaimer I should note that I have no professional experience with this. But I do use it all the time to get into my office when I forget my RFID tag.
answered yesterday
Anders
47.4k21134157
8
I do use it all the time to get into my office when I forget my RFID tag- I sure hope your office doesn't handle any sensitive information.
– Strikegently
yesterday
add a comment |
up vote
16
down vote
The main element, as you've said, is to not look like you're waiting for your mark to arrive. What you need is a prop that gives a visual indication why you're standing outside the door.
Useful props (that would explain your presence) would include:
- Cigarette or e-Cig.
- Lunch-bag(s).
- Coffee(s) from a local distributor.
- Box of doughnuts.
Having a bulky item or two of something (one in each hand) is especially useful because it would explain why you can't reach for a pass.
Story-time. I was working for a company that had access passes. A local hoodlum bought himself a cheap suit and tried to tailgate into the side-entrance. He was stopped by a member of staff as per the company policy. The hoodlum brazened it out by asking him "was it because he was black?" and the member of staff immediately apologised. The hoodlum demanded his manager's name (so he could make a complaint) and received even more profuse apologies.
The 'mark' then helped him to take laptops out of the conference suite and load them into the back of an unmarked van.
Moral of the story? Social engineering simply requires confidence
answered yesterday
Richard
65049
add a comment |
3 Answers
3
active
oldest
votes
3 Answers
3
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
98
down vote
There are some basic social engineering approaches to use that work in most situations, not just tailgating:
- urgency
- authority
- curiosity
- pretexting
Urgency
Be someone with a specific task to perform that needs to be done right now. The classics are a delivery person with full arms and someone looking to pick someone else up. A family member needing to check on an elderly resident. People want to be helpful and they don't think that you will be around long enough to be a threat.
Authority
Be someone who the gatekeeper has no right or reason to refuse. Fire marshal, utilities inspector, law enforcement, building security, process server. Lots of studies of people being let in with a just clipboard and a high-visibility vest.
Curiosity
To get close to someone, be very interesting in such a way that they want to know more. Dress up as a clown to deliver a telegram.
Pretexting
Establish a shallow relationship that appears to be deeper. Smoking with people outside on their break is classic. The smokers will assume you are also an employee (why else would you be there?)
Combinations
But these work even better in combination. A fire marshal in an awful rush. A clown who claims he was at the last company party (and knows a few important names). The more combinations you can combine, the more effective the process is: an authority figure, in a rush, to do something interesting, who claims to have a pre-existing relationship. If you go over the top or try to hard, it will backfire, though.
answered 2 days ago
schroeder♦
70.5k27152188
142
So you are saying a smoking clown with with a fire axe on his back and a police cap on the head hodling 6 packages with a cliboard lying on top demanding to enter the building to check on his elderly mother because he is worried that there is a gas leak would not work? I guess, I'll have to send everything back then.
– problemofficer
2 days ago
50
"Lots of studies of people being let in with a just clipboard and a high-visibility vest." - for most large buildings I've worked/lived in, all you'd have to say is "I'm here to work on the AC (or heater)" and they'll roll out the red carpet for you.
– Lord Farquaad
2 days ago
7
I suspect combinations are a bad idea. You want to avoid making the mark think too closely. Each of the examples seems to be a normal individual and a lazy thinking mark will let them in. I think you are right with the last sentence that combinations can backfire, but I think the threshold for decreasing your chance of success is lower.
– Ross Millikan
2 days ago
33
This is a good answer. I would also add "social awkwardness," as in people will avoid interacting with you if they think it would be awkward. For example, you could wait for someone to approach the gate then walk in with them while talking continuously on your cell phone-- most people won't want to interrupt.
– John Wu
2 days ago
12
@John that's definitely something you could combine. A guy with a vest and clipboard (or suit and clipboard, depending on the place), on the phone with a confident nod toward the security guard as he walks in would be pretty solid.
– Cullub
yesterday
|
show 2 more comments
up vote
98
down vote
There are some basic social engineering approaches to use that work in most situations, not just tailgating:
- urgency
- authority
- curiosity
- pretexting
Urgency
Be someone with a specific task to perform that needs to be done right now. The classics are a delivery person with full arms and someone looking to pick someone else up. A family member needing to check on an elderly resident. People want to be helpful and they don't think that you will be around long enough to be a threat.
Authority
Be someone who the gatekeeper has no right or reason to refuse. Fire marshal, utilities inspector, law enforcement, building security, process server. Lots of studies of people being let in with a just clipboard and a high-visibility vest.
Curiosity
To get close to someone, be very interesting in such a way that they want to know more. Dress up as a clown to deliver a telegram.
Pretexting
Establish a shallow relationship that appears to be deeper. Smoking with people outside on their break is classic. The smokers will assume you are also an employee (why else would you be there?)
Combinations
But these work even better in combination. A fire marshal in an awful rush. A clown who claims he was at the last company party (and knows a few important names). The more combinations you can combine, the more effective the process is: an authority figure, in a rush, to do something interesting, who claims to have a pre-existing relationship. If you go over the top or try to hard, it will backfire, though.
answered 2 days ago
schroeder♦
70.5k27152188
142
So you are saying a smoking clown with with a fire axe on his back and a police cap on the head hodling 6 packages with a cliboard lying on top demanding to enter the building to check on his elderly mother because he is worried that there is a gas leak would not work? I guess, I'll have to send everything back then.
– problemofficer
2 days ago
50
"Lots of studies of people being let in with a just clipboard and a high-visibility vest." - for most large buildings I've worked/lived in, all you'd have to say is "I'm here to work on the AC (or heater)" and they'll roll out the red carpet for you.
– Lord Farquaad
2 days ago
7
I suspect combinations are a bad idea. You want to avoid making the mark think too closely. Each of the examples seems to be a normal individual and a lazy thinking mark will let them in. I think you are right with the last sentence that combinations can backfire, but I think the threshold for decreasing your chance of success is lower.
– Ross Millikan
2 days ago
33
This is a good answer. I would also add "social awkwardness," as in people will avoid interacting with you if they think it would be awkward. For example, you could wait for someone to approach the gate then walk in with them while talking continuously on your cell phone-- most people won't want to interrupt.
– John Wu
2 days ago
12
@John that's definitely something you could combine. A guy with a vest and clipboard (or suit and clipboard, depending on the place), on the phone with a confident nod toward the security guard as he walks in would be pretty solid.
– Cullub
yesterday
|
show 2 more comments
up vote
98
down vote
up vote
98
down vote
There are some basic social engineering approaches to use that work in most situations, not just tailgating:
- urgency
- authority
- curiosity
- pretexting
Urgency
Be someone with a specific task to perform that needs to be done right now. The classics are a delivery person with full arms and someone looking to pick someone else up. A family member needing to check on an elderly resident. People want to be helpful and they don't think that you will be around long enough to be a threat.
Authority
Be someone who the gatekeeper has no right or reason to refuse. Fire marshal, utilities inspector, law enforcement, building security, process server. Lots of studies of people being let in with a just clipboard and a high-visibility vest.
Curiosity
To get close to someone, be very interesting in such a way that they want to know more. Dress up as a clown to deliver a telegram.
Pretexting
Establish a shallow relationship that appears to be deeper. Smoking with people outside on their break is classic. The smokers will assume you are also an employee (why else would you be there?)
Combinations
But these work even better in combination. A fire marshal in an awful rush. A clown who claims he was at the last company party (and knows a few important names). The more combinations you can combine, the more effective the process is: an authority figure, in a rush, to do something interesting, who claims to have a pre-existing relationship. If you go over the top or try to hard, it will backfire, though.
answered 2 days ago
schroeder♦
70.5k27152188
There are some basic social engineering approaches to use that work in most situations, not just tailgating:
- urgency
- authority
- curiosity
- pretexting
Urgency
Be someone with a specific task to perform that needs to be done right now. The classics are a delivery person with full arms and someone looking to pick someone else up. A family member needing to check on an elderly resident. People want to be helpful and they don't think that you will be around long enough to be a threat.
Authority
Be someone who the gatekeeper has no right or reason to refuse. Fire marshal, utilities inspector, law enforcement, building security, process server. Lots of studies of people being let in with a just clipboard and a high-visibility vest.
Curiosity
To get close to someone, be very interesting in such a way that they want to know more. Dress up as a clown to deliver a telegram.
Pretexting
Establish a shallow relationship that appears to be deeper. Smoking with people outside on their break is classic. The smokers will assume you are also an employee (why else would you be there?)
Combinations
But these work even better in combination. A fire marshal in an awful rush. A clown who claims he was at the last company party (and knows a few important names). The more combinations you can combine, the more effective the process is: an authority figure, in a rush, to do something interesting, who claims to have a pre-existing relationship. If you go over the top or try to hard, it will backfire, though.
answered 2 days ago
schroeder♦
70.5k27152188
edited 2 days ago
answered 2 days ago
schroeder♦
70.5k27152188
answered 2 days ago
schroeder♦
70.5k27152188
answered 2 days ago
schroeder♦
70.5k27152188
70.5k27152188
142
So you are saying a smoking clown with with a fire axe on his back and a police cap on the head hodling 6 packages with a cliboard lying on top demanding to enter the building to check on his elderly mother because he is worried that there is a gas leak would not work? I guess, I'll have to send everything back then.
– problemofficer
2 days ago
50
"Lots of studies of people being let in with a just clipboard and a high-visibility vest." - for most large buildings I've worked/lived in, all you'd have to say is "I'm here to work on the AC (or heater)" and they'll roll out the red carpet for you.
– Lord Farquaad
2 days ago
7
I suspect combinations are a bad idea. You want to avoid making the mark think too closely. Each of the examples seems to be a normal individual and a lazy thinking mark will let them in. I think you are right with the last sentence that combinations can backfire, but I think the threshold for decreasing your chance of success is lower.
– Ross Millikan
2 days ago
33
This is a good answer. I would also add "social awkwardness," as in people will avoid interacting with you if they think it would be awkward. For example, you could wait for someone to approach the gate then walk in with them while talking continuously on your cell phone-- most people won't want to interrupt.
– John Wu
2 days ago
12
@John that's definitely something you could combine. A guy with a vest and clipboard (or suit and clipboard, depending on the place), on the phone with a confident nod toward the security guard as he walks in would be pretty solid.
– Cullub
yesterday
|
show 2 more comments
142
So you are saying a smoking clown with with a fire axe on his back and a police cap on the head hodling 6 packages with a cliboard lying on top demanding to enter the building to check on his elderly mother because he is worried that there is a gas leak would not work? I guess, I'll have to send everything back then.
– problemofficer
2 days ago
50
"Lots of studies of people being let in with a just clipboard and a high-visibility vest." - for most large buildings I've worked/lived in, all you'd have to say is "I'm here to work on the AC (or heater)" and they'll roll out the red carpet for you.
– Lord Farquaad
2 days ago
7
I suspect combinations are a bad idea. You want to avoid making the mark think too closely. Each of the examples seems to be a normal individual and a lazy thinking mark will let them in. I think you are right with the last sentence that combinations can backfire, but I think the threshold for decreasing your chance of success is lower.
– Ross Millikan
2 days ago
33
This is a good answer. I would also add "social awkwardness," as in people will avoid interacting with you if they think it would be awkward. For example, you could wait for someone to approach the gate then walk in with them while talking continuously on your cell phone-- most people won't want to interrupt.
– John Wu
2 days ago
12
@John that's definitely something you could combine. A guy with a vest and clipboard (or suit and clipboard, depending on the place), on the phone with a confident nod toward the security guard as he walks in would be pretty solid.
– Cullub
yesterday
142
142
So you are saying a smoking clown with with a fire axe on his back and a police cap on the head hodling 6 packages with a cliboard lying on top demanding to enter the building to check on his elderly mother because he is worried that there is a gas leak would not work? I guess, I'll have to send everything back then.
– problemofficer
2 days ago
So you are saying a smoking clown with with a fire axe on his back and a police cap on the head hodling 6 packages with a cliboard lying on top demanding to enter the building to check on his elderly mother because he is worried that there is a gas leak would not work? I guess, I'll have to send everything back then.
– problemofficer
2 days ago
50
50
"Lots of studies of people being let in with a just clipboard and a high-visibility vest." - for most large buildings I've worked/lived in, all you'd have to say is "I'm here to work on the AC (or heater)" and they'll roll out the red carpet for you.
– Lord Farquaad
2 days ago
"Lots of studies of people being let in with a just clipboard and a high-visibility vest." - for most large buildings I've worked/lived in, all you'd have to say is "I'm here to work on the AC (or heater)" and they'll roll out the red carpet for you.
– Lord Farquaad
2 days ago
7
7
I suspect combinations are a bad idea. You want to avoid making the mark think too closely. Each of the examples seems to be a normal individual and a lazy thinking mark will let them in. I think you are right with the last sentence that combinations can backfire, but I think the threshold for decreasing your chance of success is lower.
– Ross Millikan
2 days ago
I suspect combinations are a bad idea. You want to avoid making the mark think too closely. Each of the examples seems to be a normal individual and a lazy thinking mark will let them in. I think you are right with the last sentence that combinations can backfire, but I think the threshold for decreasing your chance of success is lower.
– Ross Millikan
2 days ago
33
33
This is a good answer. I would also add "social awkwardness," as in people will avoid interacting with you if they think it would be awkward. For example, you could wait for someone to approach the gate then walk in with them while talking continuously on your cell phone-- most people won't want to interrupt.
– John Wu
2 days ago
This is a good answer. I would also add "social awkwardness," as in people will avoid interacting with you if they think it would be awkward. For example, you could wait for someone to approach the gate then walk in with them while talking continuously on your cell phone-- most people won't want to interrupt.
– John Wu
2 days ago
12
12
@John that's definitely something you could combine. A guy with a vest and clipboard (or suit and clipboard, depending on the place), on the phone with a confident nod toward the security guard as he walks in would be pretty solid.
– Cullub
yesterday
@John that's definitely something you could combine. A guy with a vest and clipboard (or suit and clipboard, depending on the place), on the phone with a confident nod toward the security guard as he walks in would be pretty solid.
– Cullub
yesterday
|
show 2 more comments
up vote
37
down vote
Just stand outside the door at some distance talking on your phone. Don't look at the door, don't look at the person coming to open it, don't look like you want to get in. Don't ask to be let in. Don't engage in conversation. Just let the person open the door and go through. Then in the last second before it closes and lock, you walk through still talking on your phone.
Wearing a costume or high-vis will make you... well, highly visible. In some places you might need the costume and the excuse to get in. But in a lot of places, just blending in like an unmemorable nobody is quite enough. Dress like you belong, don't ask, just walk.
As a disclaimer I should note that I have no professional experience with this. But I do use it all the time to get into my office when I forget my RFID tag.
answered yesterday
Anders
47.4k21134157
8
I do use it all the time to get into my office when I forget my RFID tag- I sure hope your office doesn't handle any sensitive information.
– Strikegently
yesterday
add a comment |
up vote
37
down vote
Just stand outside the door at some distance talking on your phone. Don't look at the door, don't look at the person coming to open it, don't look like you want to get in. Don't ask to be let in. Don't engage in conversation. Just let the person open the door and go through. Then in the last second before it closes and lock, you walk through still talking on your phone.
Wearing a costume or high-vis will make you... well, highly visible. In some places you might need the costume and the excuse to get in. But in a lot of places, just blending in like an unmemorable nobody is quite enough. Dress like you belong, don't ask, just walk.
As a disclaimer I should note that I have no professional experience with this. But I do use it all the time to get into my office when I forget my RFID tag.
answered yesterday
Anders
47.4k21134157
8
I do use it all the time to get into my office when I forget my RFID tag- I sure hope your office doesn't handle any sensitive information.
– Strikegently
yesterday
add a comment |
up vote
37
down vote
up vote
37
down vote
Just stand outside the door at some distance talking on your phone. Don't look at the door, don't look at the person coming to open it, don't look like you want to get in. Don't ask to be let in. Don't engage in conversation. Just let the person open the door and go through. Then in the last second before it closes and lock, you walk through still talking on your phone.
Wearing a costume or high-vis will make you... well, highly visible. In some places you might need the costume and the excuse to get in. But in a lot of places, just blending in like an unmemorable nobody is quite enough. Dress like you belong, don't ask, just walk.
As a disclaimer I should note that I have no professional experience with this. But I do use it all the time to get into my office when I forget my RFID tag.
answered yesterday
Anders
47.4k21134157
Just stand outside the door at some distance talking on your phone. Don't look at the door, don't look at the person coming to open it, don't look like you want to get in. Don't ask to be let in. Don't engage in conversation. Just let the person open the door and go through. Then in the last second before it closes and lock, you walk through still talking on your phone.
Wearing a costume or high-vis will make you... well, highly visible. In some places you might need the costume and the excuse to get in. But in a lot of places, just blending in like an unmemorable nobody is quite enough. Dress like you belong, don't ask, just walk.
As a disclaimer I should note that I have no professional experience with this. But I do use it all the time to get into my office when I forget my RFID tag.
answered yesterday
Anders
47.4k21134157
answered yesterday
Anders
47.4k21134157
answered yesterday
Anders
47.4k21134157
answered yesterday
Anders
47.4k21134157
47.4k21134157
8
I do use it all the time to get into my office when I forget my RFID tag- I sure hope your office doesn't handle any sensitive information.
– Strikegently
yesterday
add a comment |
8
I do use it all the time to get into my office when I forget my RFID tag- I sure hope your office doesn't handle any sensitive information.
– Strikegently
yesterday
8
8
I do use it all the time to get into my office when I forget my RFID tag - I sure hope your office doesn't handle any sensitive information.– Strikegently
yesterday
I do use it all the time to get into my office when I forget my RFID tag - I sure hope your office doesn't handle any sensitive information.– Strikegently
yesterday
add a comment |
up vote
16
down vote
The main element, as you've said, is to not look like you're waiting for your mark to arrive. What you need is a prop that gives a visual indication why you're standing outside the door.
Useful props (that would explain your presence) would include:
- Cigarette or e-Cig.
- Lunch-bag(s).
- Coffee(s) from a local distributor.
- Box of doughnuts.
Having a bulky item or two of something (one in each hand) is especially useful because it would explain why you can't reach for a pass.
Story-time. I was working for a company that had access passes. A local hoodlum bought himself a cheap suit and tried to tailgate into the side-entrance. He was stopped by a member of staff as per the company policy. The hoodlum brazened it out by asking him "was it because he was black?" and the member of staff immediately apologised. The hoodlum demanded his manager's name (so he could make a complaint) and received even more profuse apologies.
The 'mark' then helped him to take laptops out of the conference suite and load them into the back of an unmarked van.
Moral of the story? Social engineering simply requires confidence
answered yesterday
Richard
65049
add a comment |
up vote
16
down vote
The main element, as you've said, is to not look like you're waiting for your mark to arrive. What you need is a prop that gives a visual indication why you're standing outside the door.
Useful props (that would explain your presence) would include:
- Cigarette or e-Cig.
- Lunch-bag(s).
- Coffee(s) from a local distributor.
- Box of doughnuts.
Having a bulky item or two of something (one in each hand) is especially useful because it would explain why you can't reach for a pass.
Story-time. I was working for a company that had access passes. A local hoodlum bought himself a cheap suit and tried to tailgate into the side-entrance. He was stopped by a member of staff as per the company policy. The hoodlum brazened it out by asking him "was it because he was black?" and the member of staff immediately apologised. The hoodlum demanded his manager's name (so he could make a complaint) and received even more profuse apologies.
The 'mark' then helped him to take laptops out of the conference suite and load them into the back of an unmarked van.
Moral of the story? Social engineering simply requires confidence
answered yesterday
Richard
65049
add a comment |
up vote
16
down vote
up vote
16
down vote
The main element, as you've said, is to not look like you're waiting for your mark to arrive. What you need is a prop that gives a visual indication why you're standing outside the door.
Useful props (that would explain your presence) would include:
- Cigarette or e-Cig.
- Lunch-bag(s).
- Coffee(s) from a local distributor.
- Box of doughnuts.
Having a bulky item or two of something (one in each hand) is especially useful because it would explain why you can't reach for a pass.
Story-time. I was working for a company that had access passes. A local hoodlum bought himself a cheap suit and tried to tailgate into the side-entrance. He was stopped by a member of staff as per the company policy. The hoodlum brazened it out by asking him "was it because he was black?" and the member of staff immediately apologised. The hoodlum demanded his manager's name (so he could make a complaint) and received even more profuse apologies.
The 'mark' then helped him to take laptops out of the conference suite and load them into the back of an unmarked van.
Moral of the story? Social engineering simply requires confidence
answered yesterday
Richard
65049
The main element, as you've said, is to not look like you're waiting for your mark to arrive. What you need is a prop that gives a visual indication why you're standing outside the door.
Useful props (that would explain your presence) would include:
- Cigarette or e-Cig.
- Lunch-bag(s).
- Coffee(s) from a local distributor.
- Box of doughnuts.
Having a bulky item or two of something (one in each hand) is especially useful because it would explain why you can't reach for a pass.
Story-time. I was working for a company that had access passes. A local hoodlum bought himself a cheap suit and tried to tailgate into the side-entrance. He was stopped by a member of staff as per the company policy. The hoodlum brazened it out by asking him "was it because he was black?" and the member of staff immediately apologised. The hoodlum demanded his manager's name (so he could make a complaint) and received even more profuse apologies.
The 'mark' then helped him to take laptops out of the conference suite and load them into the back of an unmarked van.
Moral of the story? Social engineering simply requires confidence
answered yesterday
Richard
65049
edited 22 hours ago
answered yesterday
Richard
65049
answered yesterday
Richard
65049
answered yesterday
Richard
65049
65049
add a comment |
add a comment |
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f197732%2froles-to-play-when-tailgaiting-into-a-residential-building%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
21
Wait for people to come out for a smoke, smoke with them while talking to them. When they go back in, you join them.
– Jeroen - IT Nerdbox
2 days ago
8
"but how could have they known" - Not sure where you're located but if you can buy an air rifle and carry it around without much bother then that likely means you're in a place where the locals know what air rifles look like and you happened to run into one.
– Freiheit
yesterday
20
If someone carrying a rifle tried to follow you into a building, would you challenge them?
– Jeffrey Bosboom
yesterday
What has become of pushing every button on the doorbell panel? Someone always opens...
– Damon
1 hour ago