Website-Scams are a well-known problems in Roblox. They happen by friending a user then asking them to go to a certain website, to enter there username and password.
How they make them?
Well, Google has a feature where you can view the source of the page, for example, the code of the page, and scammers get that code from the view-source page and insert it to an HTML website.
If you put “view-source:https://www.roblox.com/” in your browser. You’ll see all the code that was put in the html website, and if you think that it doesn’t work, well I tried it myself and here’s what I ended up with. link
THIS POST IS NOT MADE TO PROMOTE SCAMS