Facebook Phishing Postphp Code Page

This is exactly what defenders should search for.

More sophisticated kits include:

A Facebook phishing attack using a post.php file is a classic credential harvesting method where an attacker creates a deceptive replica of the Facebook login page to trick users into submitting their private information. Mechanism of the Attack facebook phishing postphp code

Legitimate login handlers using post.php ? Extremely rare. Most apps use login.php or auth.php . If found, typically malicious. This is exactly what defenders should search for