Injecting Phishing into the Victims Browser

Its very hard for us to break the security of a system as strong as facebook/gmail and so on , but instead , we can break the bond between the user and site itself , and my idea is ( i dont know if its new or something ) but if we make a phishing site ( eg : facebook ) and we give the network an order that when the victim trys to go to " www.facebook.com " it redirects it to " XXXXXXXX " which is our facebook phishing page , and when the victim inputs , we get the output and victim get redirected to facebook to relogin or even be logged in already , is that possible to do ? and can any thing be done with mobile applications like facebook on ios/android ? hope to make this a fruitful and useful discussion , respect :)