Fake Robux generator program, for the online game, Roblox.

MMO scams are types of scams that attempt to fool users into using a false generator for in-game currency.


1. Downloading

A website may claim that the user must download a program before they can get free Membership. The programs might have a video that claims that the program is working.

When downloading these programs or when installing, they might ask if the user wants to download other programs (which may also be viruses). This could happen outside and inside the installer. Even if there is a "No" button, it will likely not work and will download the program(s) anyway.
屏幕快照 2018-08-18 下午5.34.16

A scam for the game Minecraft pretending to be Microsoft.

When a user downloads the program it will likely ask for their username and password, or confidential details such as credit card numbers. It will then ask what type of membership the user would like to add to their account. When the user selects a amount it will show a fake bar that progresses. When it is done it may say that their request will take a while or is done.

If the user attempt logs on to their account after doing this it may be hacked, or they may not be able to log onto their account. Their computer may also have been infected by a lot of viruses. These viruses are usually not malicious and are just PUPs.

Sometimes, however, some membership generators can carry RATs (Remote Access Trojans) and will not open. After "opening" the program, the trojan will not ask for any administrator permissions, and will start a task that will be enabled for startup. The RAT process can be started after booting so that features can be available for the controller even after reboot. Depending on the RAT's type, it can have a keylogger, or even can remotely control the user's computer. These features can be used to log into accounts, and more.

2. Websites

When offered to download the program websites may offer a way to do it through the website alone. Generally the website would look and work exactly the same way as the program they offered. This is different from the program because they don't have "direct" access to the user's computer files, but tend to send spam constantly to the user's email, or in worse cases a email Worm, and phish all the user's sensitive information. When a user clicks on the Website option they are greeted with the same thing as the program, a username and password requirement. When the user types that in, then they will be asked what type of membership they would like to add to their account. This part differs from the program for the fact that the website may pause the bar and makes the user do a captcha to make sure they are human, or claims they must complete a survey or download a program, etc. If there is a captcha, it will likely be false, because if the link is clicked the user will be redirected to a phishing website, where they may be forced to do surveys that take sensitive information such as credit card numbers, addresses, email address, the user's real name and etc. When the user has finished the website "checks" to see if the information is valid. The website will never actually check to see if the information is right, this means the user can type in whatever into the information boxes and it will do the same thing. Once the website has "checked" it says that the user's completion will be sent to the membership generator website, however, this will most likely not happen. When the user closes the "captcha" and goes back the website will not have changed.

This can be different from website to website. Some websites do complete but do nothing. This may be because of PHP, but the membership will never appear on the users account.

At this point the user's email can be filled with spam or email worms and their account will most likely be hacked in a couple of days after visiting the website. They may also ask the user to complete a survey, which will just be fake. It can be of many different types. One of them asks the user for their phone numbers. When someone puts a phone number, they steal the money that the user has topped up. Others will simply not do anything and these will generate money for the owner of the website. When the user clicks on "Confirm", the scam replies that the inputs are incorrect. These input (like the phone number) are said to be incorrect so that it has an excuse to not contact the victim. It also appears that the website uses very simple tools to scam.