Piggybacking

Piggybacking definition

Piggybacking is the act of gaining unauthorized access to an account, system, or network by exploiting another subject’s legitimate entry.

Real piggybacking examples

• Entry to premises: Intruders can take advantage of employee gullibility, distraction, or even kindness to get past physical checkpoints. For example, the intruder may approach the checkpoint while carrying something heavy and ask for a nearby employee to open the barrier for them. Once inside, the intruder would drop the load and proceed straight to the organization’s server room or other data repository.
• Unattended devices: Intruders can take advantage of users that leave devices temporarily without logging out of their accounts. This type of piggybacking is especially prevalent in public places with shared devices, like libraries and schools.
• Network access: Piggybacking can be as simple as using an open (unencrypted) Wi-Fi network without authorization. In this case, the person abuses the Wi-Fi operator’s negligence to gain free internet access or even carry out cyberattacks using the operator’s IP address.

Stopping piggybacking

• Always log out if you need to leave your device in a public place. This stops others from gaining easy access to your accounts or stealing sensitive information.
• Be careful about who you let in. This doesn’t mean you have to be a jerk — but if you help a stranger, they should be taken straight to security or the reception for further directions. In all cases, you should follow your organization’s security protocols.
• Set a password for your router. A strong password will prevent others from taking advantage of your internet connection and IP address.