Although one of the oldest hacking methods, phishing remains popular today. The core of phishing method is creating a fake Facebook (or any other) page and tricking the user to try and login into it. After the login fails, the username or email and password are stored in a .txt file that a hacker can simply access to. So, the easiest way would be tricking your friend into logging in on your computer using already set up fake Facebook page. If you want to avoid being hacked like this, never use other devices to log in and don’t click on unknown links.