This whitepaper discusses the use of cross site scripting and iframe injection when performing phishing attempts.
You can download it from the following link: https://packetstormsecurity.com/files/download/79024/iframe-phishing.pdf
Source: https://packetstormsecurity.com/files/79024/Whitepaper-Called-XSS-And-Iframe-Phishing.html