Researchers from the cybersecurity company Check Point have uncovered a new online financial fraud called OPCOPROalso renamed “The Truman Show scam”. The reference to the famous film in which the protagonist of the film, Truman (played by a very good Jim Carrey), he was living, without his knowledge, a reality entirely constructed by the show’s directors. Something similar happens with OPCOPRO, the fraudulent scheme that does not try to infect devices with traditional malware, but builds an entire fictitious digital ecosystem to trap the user. The mechanism is in fact based on the creation of false investor communities populated almost exclusively by chatbots. These artificial agents, by simulating coherent human interactions on messaging platforms (such as WhatsApp), induce the victim to trust presumed financial experts and to download fraudulent applications present even on the official Google and Apple stores. The goal is not only to siphon money through fake investments that promise unrealistic returns, but also steal sensitive data through identity verification procedures. Once documents and biometric data are obtained, criminals can carry out identity theft, phone number cloning and unauthorized access to company systems.
How OPCOPRO, the “The Truman Show scam” works
Going into the technical and psychological dynamics of this operation, we note how the solicitation follows a very specific script that bypasses traditional alarm bells. All It usually starts with a simple SMSas happened in October 2025, when numerous users received communications apparently coming from Goldman Sachs. These messages, which promised exorbitant stock returns in the order of 70%were promptly denied by the banking giant, which confirmed the illicit use of its trademark. Who clicks on links contained in these messages is transported into what we can define as a virtual setting of the “Truman Show”: a private WhatsApp group where fiction comes to life. This is where the victim is greeted by two figures pretending to be authoritative trading experts. Although their profiles may seem professional and reassuring at first glance, the technical analyzes carried out by Check Point researchers revealed something completely different: the profile photos used are synthetic images, generated by artificial intelligence algorithms and do not correspond to real people.
The messaging group, which can number approximately 90 membersis populated almost entirely by automated bots. Observing the interactions, an unnatural pattern emerges: while a group of human beings would present linguistic and stylistic variations in the messages exchanged, these accounts all communicate in the same way, limiting themselves to constantly celebrating profits and glorifying the supposed intuitions of experts, publishing screenshots of fictitious earnings. A relevant technical detail concerns the nature of the telephone accounts these bots are based on VoIP numbers (Voice over IP), i.e. numbers generated via the Internet that are unreachable if you try to make a traditional voice call. This “echo chamber” serves to break down the victim’s psychological defenses over the course of several weeks, preparing him for the next step, the technically most insidious one.
The critical phase of the scam exploits the reputation of official distribution channels to legitimize the attack. After building a relationship of trust with potential victims, scammers invite the user to download the OPCOPRO application. The fact that the app can be found directly on the Google Play Store or on the Apple App Store leads many to lower their guard, convinced that the security controls of these platforms are infallible. To further strengthen the credibility of the operation, a fake cooperation agreement is often presented with Oppenheimer Holdings (an independent investment bank and financial services company headquartered in New York). Once installed, the application turns out to be an “empty box”: it is technically a simple one WebViewwhich is a browser window integrated into the app that displays an external web page. Thanks to this trick, scammers are able to show completely manipulated numbers and graphs without there being any real interaction with the financial markets.
The danger goes far beyond the immediate loss of capital. To activate the supposed investment account, the user is required to complete the process known as KYCacronym for Know Your Customer. In the financial sector this procedure is mandatory to verify the customer’s identity and prevent money laundering, but in this context it becomes a double-edged sword. The victim is asked to upload a photo of an identity document and a selfie to be taken in real time to prove that he or she is a natural person. With this data in hand, and with the promise of returns ranging between 370% and 700% (promised in just a few months) to encourage deposits, criminals gain total control of the identity of unsuspecting victims.
The consequences of this data transfer are disastrous for personal safety. Check Point researchers underline how, by possessing the victim’s document and selfie, scammers can carry out the so-called SIM swappinga technique that allows you to transfer the victim’s phone number to a new SIM, thus intercepting the security codes for two-factor authentication. Even more alarming is the possibility that this data will be used to deceive companies’ IT departments into granting access to the victim’s work profiles.
How to defend yourself from OPCOPRO financial fraud
Given the pitfalls that OPCOPRO fraud presents, here are some tips to follow defense strategy.
- Check the sources: check the Consob lists and search online for names of companies and professionals who contact you. If you don’t find confirmation of what is being offered to you, it is probably a scam.
- Be wary of stratospheric returns: If a yield appears to be off-market, don’t ignore this important and unmistakable wake-up call.
- Do not follow the instructions given to you: if you are asked to open links, download attachments or even provide identity documents, do not do so if you have identified any critical issues from the previous points.
