Immomig®: increased security


Immomig®: increased security
The number of cyber attacks on Swiss companies has increased in recent months. There are many reasons for this increase and the Covid 19 pandemic is one of them. In view of these attacks, especially phishing attacks, IMMOMIG AG has decided to take two measures to ensure the security of its customers' data.

Cyber threats have been around for decades, but have increased since the start of the pandemic. New ways of working combined with improved hacking techniques are reasons for this increase. The corporate network is no longer confined to the office, but has moved into the private sphere. This has increased the scope for hackers and teleworking provides them with vulnerabilities to exploit.

The techniques used by cyber criminals are becoming more effective. In phishing, they are able to imitate the identity and processes of companies (e.g. payment). In recent weeks, IMMOMIG AG has been the victim of phishing attacks several times. It was therefore out of the question to remain inactive in the face of this growing threat. Therefore, IMMOMIG AG decided to take two measures to ensure the security of its software.

Two-factor authentication

Since Monday, a two-step identification process is proposed to our customers when they connect to the Immomig® software. Specifically, they will be asked for an additional code when entering their login and password on the Immomig® login page. They will receive it on their phone via an application such as Google Authenticator, Authy, etc. that they have previously installed.

Agency coordinates

In phishing attacks, hackers manage to obtain a company's login and password to access real estate software. The hackers then modify the company's data to receive requests from real estate portals to a private address. From then on, they can demand money from a customer who has expressed a wish to view a property, for example, or in the case of a reservation.

In order to avoid these cases, IMMOMIG AG has decided to block any change in the data of a branch (e.g. e-mail address) that relates to the receipt of requests from the portals outside business hours. This is to prevent an attack from occurring when vigilance is low. If an attack occurs during business hours, the response time is very short and the attack is blocked as quickly as possible.

Behaviour in the event of a phishing attack

IMMOMIG AG makes every effort to ensure the security of its software. However, it is also important to be vigilant if someone asks for access data. In phishing attacks, hackers use the graphic identity of a company. In the case of IMMOMIG AG, you are asked to log into your account via a login page that looks like Immomig® but is not. In such cases, it is important to :

  • Make sure that the email is from the company in question (name, logo, address, etc.).

  • Delete the fraudulent email from your inbox.

  • Contact the company concerned if the username and password have been provided.

  • Change your password if it is also used with other online services.