How Do Hackers Steal Facebook Passwords?

Last week I discovered a romance scam in my inbox; this week I found another scam in my Facebook timeline. One of the common tactics is to start with a pretty girl's photo, then share it to males' timelines.

When I clicked the link for more info, it kept redirecting me from

https://www.facebook.com/pages/Photo-Contest-MaLai/730133447081671?sk=app_190322544333196&pnref=story to http://benk.0xhost.net/

To continue reading, it required the user to sign in to their account. I immediately spotted the problem, because the URL did not belong to Facebook.

To check my suspicion about the fake account, I entered a fake ID, halo@gmail.com, with the password 123456.

After a successful sign-in with the fake ID, the page redirected again to https://www.facebook.com/pages/Photo-Contest-MaLai/730133447081671. At this stage, I could confirm that this was a fake Facebook page. If any user enters a real password, the possibility is high that the hacker might gain access to that user's personal Facebook account.

Additional signs of a fake page:
1. The page was created recently
2. It shows only a little timeline history
3. The profile photo has been stolen from another website
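
The URL check that exposed the sign-in page above can be automated. This is an added example, not part of the original post: it parses the address the way a browser does and accepts only an HTTPS host that is facebook.com or a subdomain of it. The `TRUSTED_DOMAINS` list, the function name and the two `example.net` URLs are assumptions made for illustration.

```javascript
// Added example. TRUSTED_DOMAINS is an assumption for this sketch,
// not an official list of Facebook login domains.
const TRUSTED_DOMAINS = ["facebook.com"];

// Returns { trusted, host, reason } for the URL a login form is served from.
function checkLoginUrl(rawUrl) {
  let url;
  try {
    url = new URL(rawUrl); // WHATWG parser, the same rules browsers apply
  } catch {
    return { trusted: false, host: null, reason: "unparseable URL" };
  }
  // hostname is already lowercased, IDN labels are punycoded ("xn--..."),
  // and anything before "@" is userinfo, not the host.
  const host = url.hostname.replace(/\.$/, "");
  // Match the exact domain or a dot-separated subdomain; a substring
  // or startsWith test would accept lookalike hosts.
  const onTrusted = TRUSTED_DOMAINS.some(
    (d) => host === d || host.endsWith("." + d)
  );
  if (!onTrusted) {
    return { trusted: false, host, reason: "host is not a Facebook domain" };
  }
  if (url.protocol !== "https:") {
    return { trusted: false, host, reason: "login page not served over HTTPS" };
  }
  return { trusted: true, host, reason: "HTTPS on a Facebook domain" };
}

// The two URLs from the post, plus two constructed lookalikes.
const samples = [
  "https://www.facebook.com/pages/Photo-Contest-MaLai/730133447081671",
  "http://benk.0xhost.net/",
  "https://www.facebook.com.example.net/login", // constructed
  "https://www.facebook.com@example.net/login", // constructed
];
for (const s of samples) {
  const r = checkLoginUrl(s);
  console.log(`${r.trusted ? "OK  " : "FAIL"} ${r.host} (${r.reason})`);
}
```

The first sample passes because the check only looks at where the sign-in form is hosted; the contest page itself lived on facebook.com, so the other signs in the list above still matter.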