like nihil said, there are many ways you can go about it depending on your goal and medium of choice.

If you want to go to the path of Social Engineering, there are countless methods of achieving that... like spear phising or doing standard recon.
same goes if you want your attack at the application level or on the actual host.

If your question is how I would go about doing it? I would start by getting to know my target very well, as much as I possibly could.