With phishing and online scams growing these days you always have to be careful while you login to your Facebook account. 
In order to obtain your login and account information the Phishing specialists may attempt to trick you by pretending to be an official login page that you have an account with, prompting you to enter your account information. Even though these login pages created look identical to the login page of the organization you have an account with, the website doesn’t belong to them. So, always remember to never enter your account info especially your password unless you are on the legitimate Facebook page.
The important check that can tell you whether you are on the legitimate Facebook page or not is the domain on which the webpage you are using is based. For example, “www.facebook.login.com” is not a legitimate Facebook page on the “www.facebook.com” domain, but “www.facebook.com/login.php” is a legitimate Facebook page because it has the “facebook.com” domain.
If you are using ‘Facebook Connect’ to log-in to your accounts, do that only on trusted third-party websites. Before giving your account information using Facebook Connect always make sure that the login opens in a separate browser pop-up window, and the url of the pop-up window contains proper “www.facebook.com” domain. This confirms whether it is a legitimate Facebook page or a phishing attempt and can assure you to log in safely and securely.
In case you are unable to access your account for being phished or hacked, please see the Hacked Accounts section of the Facebook Help Center to get some help. I hope these Facebook Login Precautions helped you!