Parallel execution at scale
CUAs perform tasks at machine speed and in parallel, allowing attackers to launch thousands of credential stuffing attempts simultaneously — orders of magnitude faster than manual attacks.
How CUAs can transform social engineering and phishing attacks
These same capabilities of CUA also allow attackers to take social engineering and phishing to an entirely new level. CUAs redefine how and where phishing occurs, shifting from email to social platforms and collaboration tools, where enterprise anti-phishing controls are usually not in place and are also less effective. Using natural language, an attacker can instruct a CUA to create accounts on social platforms, post messages, build credibility and then exploit that trust to deliver phishing links aimed at stealing credentials.
Beyond broad engagement, when targeting a particular user, CUAs can leverage AI to scrape user information from various social platforms and then use it for crafting highly personalized messages that establish rapport and serve as phishing lures, ultimately redirecting the victim to malicious sites.
