Recently, there have been an increasing number of cases of malware that direct users to a new type of fake login page. We will explain this malware.

Malware that redirects to a fake login page

Once infected with this malware (site tampering), visitors are forcibly redirected to a Microsoft or Google login page when they click on a link or view a page.
The destination is a fake login page that is exactly the same as the real login page, and when the user tries to log in by entering their login information, the login password and other information is sent to the hacker and used for fraudulent purposes.

This malware is known as

travelinskydream(.) ga
track.lowerskyactive(.) ga
pipe.travelfornamewalking(.) ga
greenlinetask(.) me

etc., or the malware itself may contain code for a fake login page.

What if I am infected with malware that redirects to a fake login page?

In this case, it means that through a vulnerability in the site, hackers are able to rewrite (intrude and tamper) with the site’s content.

First, the malware must be removed and the vulnerability of the site eliminated.
This malware can be inspected with the Malware Scan plugin.

Free] WordPress:Malware Scan & Security Plug-in [Malware and Virus Detection and Removal].

Once the malware is removed, you can eliminate vulnerabilities on your WordPress site.
Five free WordPress security measures

If you are unable to take action on your own, or if the malware cannot be removed completely (repeated re-infection), we recommend that you contact a professional.