Comparing Fraud Taxonomies and How to Use Them
An overview of emerging fraud taxonomy frameworks and how they compare to established cybersecurity standards. This post examines the Fed's FraudClassifier and ScamClassifier, Stripe's FT3 framework, and FS-ISAC's coordination model, explaining what each solves, how they complement each other, and why no single taxonomy is enough. Learn how leading organizations are combining these frameworks to break down silos and operationalize fraud intelligence more effectively.
Low-code tools are going mainstream
Purus suspendisse a ornare non erat pellentesque arcu mi arcu eget tortor eu praesent curabitur porttitor ultrices sit sit amet purus urna enim eget. Habitant massa lectus tristique dictum lacus in bibendum. Velit ut viverra feugiat dui eu nisl sit massa viverra sed vitae nec sed. Nunc ornare consequat massa sagittis pellentesque tincidunt vel lacus integer risu.
- Vitae et erat tincidunt sed orci eget egestas facilisis amet ornare
- Sollicitudin integer velit aliquet viverra urna orci semper velit dolor sit amet
- Vitae quis ut luctus lobortis urna adipiscing bibendum
- Vitae quis ut luctus lobortis urna adipiscing bibendum
Multilingual NLP will grow
Mauris posuere arcu lectus congue. Sed eget semper mollis felis ante. Congue risus vulputate nunc porttitor dignissim cursus viverra quis. Condimentum nisl ut sed diam lacus sed. Cursus hac massa amet cursus diam. Consequat sodales non nulla ac id bibendum eu justo condimentum. Arcu elementum non suscipit amet vitae. Consectetur penatibus diam enim eget arcu et ut a congue arcu.
Combining supervised and unsupervised machine learning methods
Vitae vitae sollicitudin diam sed. Aliquam tellus libero a velit quam ut suscipit. Vitae adipiscing amet faucibus nec in ut. Tortor nulla aliquam commodo sit ultricies a nunc ultrices consectetur. Nibh magna arcu blandit quisque. In lorem sit turpis interdum facilisi.
- Dolor duis lorem enim eu turpis potenti nulla laoreet volutpat semper sed.
- Lorem a eget blandit ac neque amet amet non dapibus pulvinar.
- Pellentesque non integer ac id imperdiet blandit sit bibendum.
- Sit leo lorem elementum vitae faucibus quam feugiat hendrerit lectus.
Automating customer service: Tagging tickets and new era of chatbots
Vitae vitae sollicitudin diam sed. Aliquam tellus libero a velit quam ut suscipit. Vitae adipiscing amet faucibus nec in ut. Tortor nulla aliquam commodo sit ultricies a nunc ultrices consectetur. Nibh magna arcu blandit quisque. In lorem sit turpis interdum facilisi.
“Nisi consectetur velit bibendum a convallis arcu morbi lectus aecenas ultrices massa vel ut ultricies lectus elit arcu non id mattis libero amet mattis congue ipsum nibh odio in lacinia non”
Detecting fake news and cyber-bullying
Nunc ut facilisi volutpat neque est diam id sem erat aliquam elementum dolor tortor commodo et massa dictumst egestas tempor duis eget odio eu egestas nec amet suscipit posuere fames ded tortor ac ut fermentum odio ut amet urna posuere ligula volutpat cursus enim libero libero pretium faucibus nunc arcu mauris sed scelerisque cursus felis arcu sed aenean pharetra vitae suspendisse ac.
By Arjun Bisen, CEO & Co-Founder | January 29, 2026
I’ve been in many conversations with cyber, intel, and fraud experts where they’ve praised taxonomies like the MITRE ATT@CK framework and sharing of Indicators of Compromise (IOCs) that are commonly understood in cyber intelligence and wished that the fraud taxonomy was as well developed. That would allow them to throw all the fraud accounts/ IOCs into a centralized system to take automated action/ scoring.
That said, there are some very useful fraud taxonomies that are being worked on by some of the best in the business, which could have a big impact on how we organize. Each of the major frameworks focus on solving a different problem.
The Fed’s FraudClassifier has become a foundational standard for banks and payment providers. Its strength is simplicity: a clear, payment-agnostic way to distinguish authorized vs. unauthorized fraud and report losses consistently across the industry.
The Fed’s ScamClassifier builds on this by addressing a major blind spot, authorized scams. By breaking scams into concrete types (romance, investment, impersonation, etc.), it added much-needed clarity to an area that was previously vague, on the rise, and inconsistently labeled. The Fed has a useful guide on how to leverage this classifier.
The most tactical of all, the FT3 framework, built by Vincent Passaro and the good people at Stripe , takes a very different approach. Modeled after cybersecurity frameworks like MITRE ATT&CK, it classifies fraud by the tactics and techniques used by attackers. This is powerful for detection and threat intelligence, but also more complex to operationalize. However, as a technology company, we’ve found useful ways to leverage their Github repo to automate the classification fraud materials, leveraging our AI agents. We’re always happy to share our approach with anyone interested.
Finally, FS-ISAC ’s Cyber Fraud Prevention Framework focuses less on classification and more on coordination. By mapping fraud across stages, from reconnaissance to monetization, it helps break down silos between fraud, cyber, and AML teams. It's especially useful and organizing info sharing via FS-ISAC's platform.
The takeaway: there’s no single “best” taxonomy. The strongest fraud programs combine:
• Fed models for standardization and reporting
• FT3 for understanding adversary behavior
• FS-ISAC’s framework for cross-team action
How are you all using these taxonomies today? What did I miss?
I generally feel like the data we need to tackle fraud exists but often sits in silos, is unstructured, and could really benefit from tighter classification that would allow it to be operationalized in a simple way.
Stay informed with expert articles on threat intelligence, fraud trends, and AI-powered cybersecurity. Explore Overwatch Data’s latest insights to help your team stay ahead.