As far as the browser knows, the user has legitimately chosen to click on the hacker's link. As a result, the browser will go ahead and perform whatever action is sitting behind that link.
