What is Facebook Phishing?
Facebook Phishing or phishing in general is a hacking technique where hacker tricks the user into thinking the information he is entering is on the legit facebook page while in reality, it is a page which is designed to look like a facebook page or an exact replica of the page. The user then enters all the sensitive information which he would otherwise enter on the real facebook page. Thus hacker gains access to the information such as email, password and other parameters which the hacker can then use to access facebook himself. This technique is reasonably popular hacking technique as it doesn't require any advanced expertise in hacking. Phishing is one of the most commonly used hacking techniques. Facebook phishing requires hacker to design a page which looks like exact replica of facebook homepage where he asks for email and password. This type of webpage is fairly easy to make as one can easily copy the layout of a website.
How a Facebook Phishing web page is made?
As mentioned, it is fairly easy to replicate any website's layout. Facebook is no exception to this. There are tons of templates available online which can be used. With simple knowledge of HTML and CSS, a saved facebook page can be easily manipulated to transfer entered information to hacker. More advanced type of Phishing pages may even include function facebook website but every information is also sent to the hacker without the knowledge of victim.
How to use Facebook Phishing to hack a facebook account?
To hack a facebook account using this method, you need to have basic knowledge of HTML, CSS, PHP/ASP. If you don't want to learn complex computer languages, we suggest you try to find a template online. This page should be the exact replica of Facebook login page. After this, you need a domain, preferably something which looks and sounds legit such as "example.com". When you add a subdomain "facebook" to this, it will become "http://facebook.example.com" and a rushed user will be tricked into thinking it is a facebook page. The form for email and password should point towards a your php/asp page where you can store this entered information in mysql or any other database form. When done, the page should be automatically closed so the victim doesn't become alert.