Your immediate above assumption is completely wrong !!!
Scam sites do exist as well for free programs that have no official paid versions, even the most prestigious ones.
You'll find paying scams for the GNU C compiler, for The GIMP, for FrostWire (see
www.frostwire.com, the original, versus
www.frostwire.org, the scam, as well as this thread in these online forums:
http://www.gnutellaforums.com/showth...=&pagenumber=1).
Scammers are even repackaging and renaming commercial applications as well, also abusing their licences. These are criminals that make illegitimate money by stealing on the work of others, and even stealing money from their "customers" by not providing the promissed additional service, or by charging them multiple times, or by stealing their identities for other usages.
In addition, if they provide you with some software, the software is too much often hacked and filled with trapdoors and spywares, or have been hacked to much that they do not perform some basic functions or will crash more often than the original app, as these hacks were not tested...
Scammers are not programmers, they just want to make money quick (and yes may be they are earning more money, only because they don't spend anything in the development process and they don't want to pay people to do their job). So their activity is often linked to other similar ones like spamming for "promoting" their "product", or subscribing to advertizing networks (that they include rapidly in the hacked installers of the programs they distribute, often without having to modify lots of things in the program itself).
Finally, scammers have something common with spammers: they don't reveal their true identity (their only known identity is their domain name on Internet, all the rest is unverifiable or inaccessible). They use fake company names, publish no verifiable street address, you won't find them in any yellow pages, their business name is not registered, and the only contact you can have is with some email address in the same domain name as the web site which is promoting their spew.
Even the domain name registration contains fake addresses and names. If one seeks about those address, you may also see that they have used stolen identities. When this is discovered, those domain names are parked by their hosting company, the doamin names resolve to another "no-reply" web site, and the ISP does not even receive any complain from the scammer who does not want to be identified. There are tons of examples of that (and really millions of domain names that have been parked by their ISP until the end of the yearly registration period, due to identity theft)
Fake domain names do exist because they were registered for a very small yearly fee, using stolen credit card numbers. This works often because the bank accept the payment without verifying well the identity. Sometimes the identity is real being associated correctly with the credit card number, but the people did not notice in their bank billing that their credit card was used for such small purchases (many people don't remember exactly what they bought, and do not control precisely their billing, especially for small purchases.) In addition any transaction form in their website is NOT secured by a SSL channel, meaning that the form will not be processed by a host in a secured domain, as this would require them to proove their identity to get a security certificate (so the transaction is not performed by a trustable bank: by filling this form, you give unlimited and uncontroled access to your credit card info directly to the scammer). There will be no PayPal payment offer as well (PayPal is a trustable bank as it has a wellknown and easily verifiable identity).
Also often, the bank accounts were created by spammers/scammers in fiscal paradises for the time of the transaction. If you track the bank, you'll find amny examples in the Comoros Islands, in Nigeria, or in small and poor islands in the Pacific. (If you are not convinced, visit for example the official governmental website of the Comoros website: there are local laws that legitimate this type of business, for the national interest, and they refuse all international investigation for suspect transactions). The address shown in their billing is also wrong, or do exist but was selected randomly in white pages in random countries and is not connected to the debited credit card.