Fake Starbucks Rewards / Dunkin Rewards / Chipotle Rewards / McDonald's MyMcDonald's Rewards restaurant loyalty account suspended, Stars at risk, or points expiring phishing — fraudulent email impersonating Starbucks, Dunkin, Chipotle, or McDonald's claiming the recipient's loyalty rewards account has been suspended for suspicious activity, their earned Stars or points are at risk of expiring, or an unauthorized redemption was detected — directing them to sign in, verify identity, or protect their points through a credential-harvesting portal; Starbucks Rewards 34M+ active members (largest US restaurant loyalty program; Gold Status and Stars have real monetary value — each Star earned represents paid purchases, and free drink rewards are emotionally tied to daily routine); Dunkin Rewards 12M+; Chipotle Rewards 30M+; McDonald's MyMcDonald's 15M+; restaurant loyalty accounts are checked daily by habitual users, making account-suspension alerts feel immediately credible and urgent

Phishing emails impersonating Starbucks, Dunkin, Chipotle, or McDonald's claiming the recipient's restaurant loyalty rewards account has been suspended for suspicious activity, their earned Stars or points are at risk of expiring, a free reward is about to be forfeited, or an unauthorized redemption was detected — directing them to sign in, verify identity, or protect their rewards through a credential-harvesting portal. Key facts: (1) Starbucks Rewards is the largest restaurant loyalty program in the US with 34M+ active members; Stars (earned at 1-3 per dollar spent) and Gold Status represent real monetary value — achieving 300 Stars for a free drink reward took real purchases; the psychological weight of 'your Stars are at risk' is compounded by how frequently Starbucks Rewards members interact with the app (daily, before every purchase), making the Starbucks Rewards account feel as critical as a banking app; Starbucks stores birthdate, address, stored value (gift card balances), and payment methods in Rewards accounts making them targets for both credential theft and direct monetary loss from stored value; (2) The daily habit element makes restaurant loyalty phishing distinctly effective: Dunkin Rewards (12M+ members) and Starbucks are checked every morning by habitual users; a 'your account has been suspended' notification that arrives at 7:00 AM during a commuter's morning routine — precisely when they expected to use the app — creates maximum situational urgency without time for careful sender verification; (3) Chipotle Rewards (30M+ members) exploits food reward scarcity: Chipotle's gamified free entrée offers ('roll for free guac') create anticipation-based urgency — 'your earned free entrée reward is at risk of being forfeited' threatens something users actively anticipated receiving; (4) McDonald's MyMcDonald's Rewards (15M+ members) leverages the brand's ubiquity — McDonald's is visited by 69M customers daily, making MyMcDonald's Rewards the broadest possible target audience for a loyalty phishing campaign; (5) Restaurant loyalty accounts store home address, payment methods, and detailed purchase history enabling highly personalized follow-on social engineering. Warning signs: sender domain not starbucks.com, dunkin.com, chipotle.com, or mcdonalds.com; Starbucks Rewards communications include your current Star balance; any account issue should be resolved only via the official app.