A July, 2003 report from the IDG News Service explains the workings of one such effort:

The boy's scam allegedly worked like this: Posing as AOL, he sent customers e-mail saying there had been a problem with the billing of their AOL account. The e-mail warned AOL customers that if they did not update their billing information, they risked losing their AOL accounts, and it directed customers to click on a hyperlink to connect to the AOL Billing Center. When customers clicked on the link, they ended at the defendant's site, which included AOL's logo, type style, and links to real AOL Web pages. The defendant's AOL look-alike page directed consumers to enter the numbers from the credit card they had used to charge their AOL account, then asked consumers to enter numbers from a new card to correct the problem. The defendant's page also asked for consumers' names, mothers' maiden names, billing addresses, social security numbers, bank routing numbers, credit limits, personal identification numbers, and AOL screen names and passwords. The defendant used the information to charge online purchases and open accounts with PayPal, and he used consumers' names and passwords to log on to AOL in their names and send more spam. He also recruited others to participate in the scheme by convincing them to receive fraudulently obtained merchandise he had ordered for himself.