Phishing doesn't just happen against banks. It also hits social networks, including MySpace and Facebook. Phishing only occurs if the target can be monetized; in other words, the phishers have to make money. Early social networking phish were likely extensions of the ransomware methodology, where money would have to be exchanged for the account to be turned back over to the phished user. Nowadays these phished accounts are being used to send spam and phish to social network users, propagating the problem.