Fake Hertz / Enterprise / Avis car rental account suspended, unauthorized charge dispute, or rental damage charge phishing — fraudulent email impersonating Hertz, Enterprise Rent-A-Car, Avis, National, or Budget claiming an unauthorized charge was detected on the recipient's rental loyalty account, their account has been suspended, or a damage charge requires dispute — directing them to sign in, verify identity, or confirm payment details through a phishing portal; Hertz Gold Plus Rewards 32M+ members; Enterprise Emerald Club 17M+; Hertz's 2025 data breach (Cleo file transfer compromise, 9.5M+ customers) provides attackers a plausible breach notification pretext; variable car rental charges (damage assessments, late fees, fuel charges) make unauthorized-charge lures highly believable

Phishing emails impersonating Hertz, Enterprise Rent-A-Car, Avis, National, or Budget claiming an unauthorized charge was detected on the recipient's rental loyalty account, their account has been suspended, or a rental damage charge requires dispute — directing them to sign in, verify identity, or confirm payment details. Key facts: (1) Car rental loyalty programs have massive memberships: Hertz Gold Plus Rewards 32M+ members; Enterprise Emerald Club 17M+ members; Avis Preferred 5M+; National Car Rental Emerald Club — frequent travelers use these accounts for corporate billing and business travel reimbursement; (2) The timing of this signal became dramatically more relevant after Hertz's 2025 data breach: the Cleo file transfer software compromise exposed personal data of 9.5M+ Hertz customers including driver's license information and payment card data — attackers immediately launched phishing campaigns using the breach as a pretext ("your Hertz account data was exposed — verify your identity now"); (3) The "unauthorized damage charge" variant is particularly effective because car rental damage charges are genuinely disputed by customers regularly — a charge of $300-$2,000 for alleged damage is plausible, creates financial urgency, and customers can't easily verify whether the charge is legitimate without logging in; (4) Car rental accounts contain payment card details, driver's license numbers, vehicle reservation history, and for corporate accounts, company billing codes. Warning signs: sender domain not hertz.com, enterprise.com, or avis.com; no specific rental confirmation number or vehicle details; round-number damage charges with no itemization.