Court filings in the case say that between November 2012 and September 2014, Collins engaged in a phishing scheme to obtain usernames and passwords for his victims — sending them e-mails to victims that appeared to be from Apple or Google and asking them to provider their usernames and passwords.