To kids, piggybacking is when someone jumps on your back and you carry them around for a while. In the business world, piggybacking is when you let someone that you do not know enter a door that you just opened.
A lot of organizations rely on biometrics, key cards, or even regular keys to open locked doors. These could be doors to get into the building, parking garage, a particular office.
Piggybacking is when someone you do not know, waits for you to open a locked door, and enters in behind you.
Many people allow this to happen because they want to be nice and courteous and open doors for people... you may even hold the door open for them.
While this may be a nice gesture in public places, at the workplace, this could end up costing you.
The bad guys, just like they would try and trick you with a fake email, are targeting your good nature, to gain access into a secured building.
If someone you do not know, is trying to enter the door behind you there are a couple of things you can do to still be courteous and follow the rules.
- Ask them where they are going and who they are there to see, then escort them to the office of the person they are going to see, and verify that they are supposed to be there
- Kindly decline to let them in and explain that your organization has a strict no-piggybacking rule.
Once the bad guys have access to your offices, they can plug into any internet outlets, or sit down at any open and unlocked workstation, or place infected USB keys around the hallways and bathrooms... (All real-world tactics that are being used to trick you)
Remember... when it comes to piggybacking, kindly decline or insist on escorting them to the person they are there to see.
Stop Look Think - Don't be fooled
The KnowBe4 Security Team