Module 5 · Physical Social Engineering — Tailgating, Badge Cloning, USB Drops
Manish Garg, Associate of (ISC)² · RingSafe
May 14, 2026 · 5 min read
Why this module exists. Physical social engineering — tailgating, badge cloning, USB drops, pretext-driven facility access — remains a viable attack path against Indian enterprises with shared-building campuses, generous visitor policies, and inconsistent badge enforcement. This module covers the attacker techniques and the defender controls.
Physical access still beats remote-only attacks for certain target classes: server-room access at a regulated bank, badge-room access at a stock exchange, network-port access on a coffee-shop floor. This module is the practitioner reference for physical-channel social engineering.
The attacker toolkit
Tailgating — follow an authorised employee through a secured door.
Badge cloning — read an RFID badge in proximity (subway, lift, coffee shop), clone it.
Pretext access — pose as a delivery person, AC repair tech, regulator inspector.
USB drops — leave malicious USB drives in parking lots, lobbies, conference rooms.
Network-port access — plug a rogue device into an unguarded network port.
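A defender-side view of the first two items, as an added example that is not part of the original module: a Python pass over door-controller logs that flags a badge read at two sites faster than anyone could travel (a possible clone) and an interior-door read with no perimeter entry that day (a possible tailgated entry). The log format, badge IDs, site and reader names, and the 30-minute travel threshold are constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample badge log: (timestamp, badge_id, site, reader, zone).
# zone is "perimeter" for building entry doors, "interior" for rooms inside.
SAMPLE_LOG = [
    ("2026-05-14 09:00:05", "B1001", "HQ", "lobby-turnstile", "perimeter"),
    ("2026-05-14 09:02:40", "B1001", "HQ", "server-room", "interior"),
    ("2026-05-14 09:10:00", "B1002", "HQ", "server-room", "interior"),    # no perimeter read
    ("2026-05-14 09:12:30", "B1001", "Annex", "annex-door", "perimeter"),  # ~10 min after HQ
    ("2026-05-14 13:00:00", "B1003", "HQ", "lobby-turnstile", "perimeter"),
    ("2026-05-14 15:30:00", "B1003", "Annex", "annex-door", "perimeter"),
]

MIN_TRAVEL = timedelta(minutes=30)  # assumed minimum HQ <-> Annex travel time


def analyze(log, min_travel=MIN_TRAVEL):
    """Return (clone_suspects, tailgate_suspects) as sets of badge ids."""
    events = sorted(
        (datetime.strptime(ts, "%Y-%m-%d %H:%M:%S"), badge, site, reader, zone)
        for ts, badge, site, reader, zone in log
    )
    last_seen = {}   # badge -> (time, site) of the most recent read
    entered = set()  # (badge, site, date) that has a perimeter read
    clones, tailgates = set(), set()
    for when, badge, site, reader, zone in events:
        prev = last_seen.get(badge)
        # Same badge at two sites faster than a person can travel: one
        # of the two reads likely came from a copied credential.
        if prev and prev[1] != site and when - prev[0] < min_travel:
            clones.add(badge)
        key = (badge, site, when.date())
        if zone == "perimeter":
            entered.add(key)
        elif key not in entered:
            # Interior read with no perimeter read at this site today:
            # the holder came in behind someone else without badging.
            tailgates.add(badge)
        last_seen[badge] = (when, site)
    return clones, tailgates


if __name__ == "__main__":
    clones, tailgates = analyze(SAMPLE_LOG)
    print("possible cloned badges:", sorted(clones))
    print("possible tailgated entries:", sorted(tailgates))
```

Both flags are leads for review against camera footage and visitor records, not proof: a reader outage or a door held open for a colleague produces the same pattern.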