Security researchers have uncovered a highly sophisticated, AI-assisted investment fraud operation in which victims are drawn into a personalized Truman Show-style controlled reality.
Check Point discovered the scam in October 2025 after observing victims being targeted via SMS and messaging apps.
What it subsequently found was an extensive, reusable fraud operation featuring mobile applications, attacker-controlled backend infrastructure and AI-assisted social engineering.
“Every part of the experience – the experts, the group members, the profits, the media coverage, the company, the apps – is fake,” it warned.
“This is not just a scam – it is a new model of cyber fraud, leveraging modern AI to automate trust-building, manipulation and operational execution.”
Read more on AI-powered fraud: Deepfake AI Trading Scams Target Global Investors
The “Truman Show” operation has several elements:
- Unsolicited SMS messages impersonating legitimate financial institutions urge victims to join a WhatsApp group in order to take advantage of a major investment ‘opportunity.’ In some cases, victims are also lured via Google Ads, Telegram and other social platforms
- The confidence-building phase begins using “social proof, fabricated expertise and repeated validation.” The WhatsApp group presents as a legitimate investment discussion group but is actually a fully AI-enabled sham designed to erode skepticism and increase emotional commitment
- In fluent localized language, the group’s two ‘leaders’ answer questions and publish financial content including daily trades and ‘insights.’ They speak confidently and authoritatively as finance professionals, even though they’re actually AI-generated
- Each group contains around 90 ‘members’ that show enthusiasm and agreement every step of the way. Some even start private conversations with victims designed to reassure them. These personas are also AI generated
- Successful ‘trades’ are presented on a daily basis, eliciting positive reactions from the group
- At some stage, victims are introduced to the fake investment company ‘OPCOPRO’ via press releases, identically branded websites and more
- After weeks of “interaction, education and reinforcement” the scam enters the final phase, as victims are granted access to an exclusive, institutional-grade AI trading platform and promised returns of up to 700% within months. The official O-PCOPRO app has apparently now been removed from Google Play but is still available on the Apple App Store
When Personal Fraud Becomes Corporate Risk
The scammers behind the operation not only receive victims’ crypto ‘investments,’ which they never get back. The attackers also harvest KYC-style information for future identity fraud or resale. Victims might also be targeted again in recovery fraud, Check Point warned.
However, there’s also a potential enterprise risk. With high-resolution photos of victims’ government ID, “liveness” selfies and other information, the scammers could call an IT helpdesk requesting a password reset. They could even pose as the employee in calls to their mobile carrier, to achieve a SIM swap attack, Check Point claimed.
This could help them obtain 2FA codes and log in to corporate applications and VPNs.
There’s also a potential for employees who have lost significant sums through the scam to be blackmailed and/or co-opted as willing insiders, Check Point said.
The app itself could be used to display phishing notifications designed to harvest corporate logins and 2FA codes, it added.
“The significance of this campaign is not only the harm caused to its victims, but what it signals about the future threat landscape,” Check Point concluded.
“As AI continues to lower the cost of producing convincing identities, content and software, scams will increasingly resemble legitimate digital businesses – complete with apps, websites, media coverage and regulatory-looking artifacts.”
The security vendor’s lengthy write up lists several ways that individuals and enterprises can protect themselves.
Investment fraud remains by far the highest-grossing cybercrime type, costing victims over $6.5bn last year according to the FBI.
