This story by Brian Krebs is an amazing breakdown of an iCloud phishing ring. It not only provides a lot of detail about the thinking behind these phishing services (and all those phishing emails you get) but it’s a study in human nature too:
This is where the story turns both comical and ironic. Many times, attackers will test their exploit on themselves whilst failing to fully redact their personal information. Jonatan apparently tested the phishing attacks on himself using his actual Apple iCloud credentials, and this data was indexed by Jonatan’s phishing account at the fake iCloud server. In short, he phished himself and forgot to delete the successful results.