The most common type of phishing is Fake Login Pages. The basic methodology of this attack is written below
1.Suppose an attacker wants to hack gmail/yahoo/facebook/bank account of the victim. Attacker creates a fake login page of that website . This fake login page looks exactly like real/genuine login page.
2.Attacker then sends the link of that fake login page to victim through an email or any other means.The sender's email Id is usually spoofed to give an authentic look to it.
3. Victim clicks on the link, fake login page appears in his browser and he enters his credentials in that page thinking that it is genuine.
4.The credentials that are username and password go to the attacker. Hence victim's account gets hacked.
5.Victim is then redirected to any webpage as chosen by attacker. Most probably the victim is redirected to genuine website or a page displaying an error.