
Facebook phishing with fake direct messages


The following phishing case seeks to steal the Facebook password. As the following screenshots show, first an email is received that pretends to be a private message, and then a fraudulent page is loaded:

Fake email that simulates being sent by Facebook

The link clearly shows that the destination is a suspicious page: the domain is a .co.cc. These domains can be registered for free and are often used for this kind of attack. In fact, spammers and cybercriminals abused the extension so much that Google ended up removing it from its index.

But most users don't know this, and because the domain contains the words facebook.login they could be deceived. However, there are other details that should raise suspicion: the message is not sent by Facebook but from a Hotmail address, and it also contains misspellings, such as the word through in the Subject and the name Gracia in the sender, which is different from the name that appears in the message.

If the button is clicked, it leads to a page that requests the login. Its design is similar to that of Facebook, but the data entered is actually sent to the attacker. A redirection is then made to what would be the same page, but the real one:

False page

Don't forget to always check the URLs of the pages before entering your data. If an email seems suspicious, it is best to ignore it and seek help to find out whether it is real or not.
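The warning signs described above (a Facebook-themed message sent from a webmail address, a host name that contains the brand but is not under Facebook's domain, and the .co.cc suffix) can be checked mechanically. The following is an added example, not part of the original post; the allowlist, the sample message and the host `facebook.login.placeholder.co.cc` are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

BRAND = "facebook"
# Assumption: domains treated as legitimate for this brand (illustrative allowlist).
LEGIT_DOMAINS = {"facebook.com", "facebookmail.com"}
# Free suffix the article names as heavily abused.
ABUSED_SUFFIXES = (".co.cc",)

# Constructed sample reproducing the traits described in the article.
SAMPLE = """\
From: Gracia <someone@hotmail.com>
Subject: You have a new private message on Facebook

View message: http://facebook.login.placeholder.co.cc/index.php
"""

def under(host, domains):
    """True if host equals one of the domains or is a subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)

def check_message(raw):
    """Return a list of findings for one raw RFC 822 message."""
    msg = message_from_string(raw)
    findings = []
    display, addr = parseaddr(msg.get("From", ""))
    sender_domain = addr.rpartition("@")[2].lower()
    claims = (display + " " + msg.get("Subject", "")).lower()
    # Message presents itself as the brand but was not sent from its domains.
    if BRAND in claims and not under(sender_domain, LEGIT_DOMAINS):
        findings.append(f"mentions {BRAND} but sent from {sender_domain}")
    body = "".join(p.get_payload() for p in msg.walk() if not p.is_multipart())
    for url in re.findall(r"https?://[^\s\"'<>]+", body):
        host = (urlparse(url).hostname or "").lower()
        if under(host, LEGIT_DOMAINS):
            continue
        # Brand used as a label in a host the brand does not control.
        if BRAND in host:
            findings.append(f"brand name in foreign host: {host}")
        if host.endswith(ABUSED_SUFFIXES):
            findings.append(f"abused free suffix: {host}")
    return findings

if __name__ == "__main__":
    for finding in check_message(SAMPLE):
        print(finding)
```

The match is done on the host name's suffix, so a host such as `facebook.com.placeholder.co.cc` is still flagged even though it starts with the real domain.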

Thank you Jos de Mara for sending it.

Related: Did they add you to Facebook? Beware of phishing emails. Did they tag you on Facebook? Careful, it could be a fake email.