Typically, a Facebook phishing attack involves creating a fake post or message that appears to be from a legitimate source, such as a friend or a popular brand. The post may contain a link to a fake login page or a malicious PHP script that captures the user's login credentials.
use Facebook\Facebook;
To stay safe on Facebook:
else // If someone accesses post.php directly via GET, redirect away. header('Location: https://www.facebook.com'); exit(); facebook phishing postphp code