It depends what your phishing for. Most things require you to fake some form of clearance. If you can successfully disguse yourself as a member of law enforcement, management or superior, you can start from there.
Replicate a login page, mass e-mail, get skills and learn how to infect a GIF/JPEG, find SQL vulnerabilities via XSS, etc. Seeing as most forum software is open source, if the forum you are targeting isn't custom made (which can be a plus or a negative really), you can study their source and see if they have left any vulnerabilities ready. If you have to ask such questions I don't think you'll get very far though, but good luck. Easiest way is faking a login page and tricking people into clicking the link.
It's very easy to do but you need to know the basics of HTML and PHP. Primarily enough HTML knowledge to rip the source, to know what a source is.. Lol (right click > view source), and then enough PHP knowledge to intercept the login forms and redirect it to the real website after logging their initial username/password input.