While fbaction.net has been taken down, go to fbstarter.com and it com sure looks like a lot like some sort of Facebook login page, doesn't it (see attached pic)?
What's happening is people are getting "Facebook messages" supposedly from other users that basically just say "Look at this" and have the link that takes them to fbstarter.com. Once you enter your username / password there, you've basically delivered your login credentials to the scammer.
Now, fbstarter.com sure looks suspiciously like fbaction.net. Personally, if you're alert to the important aspects of watching out for phishing, such as:
- Don't use links delivered in emails or IM to login to any site
- If you do, make sure the site's URL looks like what you are expecting
- Email the site / organization / business in question if you are unsure
then you should be pretty safe.
Of course, while some (not me) store credit cards information in their Facebook account, most of the information for a credit card is redacted anyway (though I suppose a scammer could use your credit card to buy something on the site).
The main reason, I would think, that fbaction.net / fbstarter.com scammers would want your login info is because many people use the same login info everywhere. Definitely a bad idea, but something many people do.
If you've fallen for either the fbaction.net or fbstarter.com phishing scam already, change your Facebook password immediately (if the scammers haven't already locked you out). And, if that's happened and it's the same password you use for your Amazon.com, eBay, or other types of accounts, you could be in big trouble.