In cybersecurity, structure is everything. Threat actors rely on repeatable patterns. Analysts rely on repeatable models to decode them. MITRE’s ATT&CK framework has long served that purpose for cyberattacks—breaking down adversary behaviors into tactics, techniques, and procedures (TTPs). But what about digital fraud?
Digital fraud doesn’t follow the same blueprint as traditional cyberattacks around the world. It can merges technical exploitation with social engineering, legal gray zones, and market-specific tactics. To investigate these complex patterns, a new model was needed—one that understood fraud as both a technical and human threat.
Enter Fraud Neuron, a public framework developed by Axur.
Fraud Neuron (F.N.) is a fraud modeling framework—a structured way to describe how digital fraud happens, why it happens, and how its impact unfolds across business units and individuals. Like the MITRE ATT&CK, it breaks fraud down into tactics and techniques, but with a lens tailored to the business and behavioral dynamics of fraud.
It’s not just a matrix. It’s a growing database of real-world fraud techniques, detection methods, and mitigation strategies.
Fraud is a global phenomenon—but its shapes and strategies are regional. In some markets, particularly those with distinct social and economic conditions, fraud often emerges as the dominant threat vector. These patterns challenge conventional frameworks and require a fraud-specific lens to fully understand and mitigate. This creates use cases and threat patterns that aren't well represented by traditional models like MITRE ATT&CK.
The Axur Research Team (ART) realized that defenders needed a fraud-first model. One that could help security teams, risk departments, and fraud investigators speak the same language.
“Fraud Neuron enables analysts and organizations to integrate the framework into their workflows, correlating malicious activities with specific techniques to strengthen their defenses.”
— Alisson Moretto, Head of Cyber Threat Intelligence at Axur
By structuring fraud tactics based on real incidents, they created a model that supports both strategic planning and operational threat detection.
Fraud Neuron structures attacks across key phases, including:
Target Identification: Who or what is targeted—individuals, brands, platforms.
Theme: The overarching fraud concept (e.g., delivery scams, fake job offers).
Reconnaissance: Public or stolen data sources used for targeting.
Resources: Communication channels and technical infrastructure.
Identity Simulation: Impersonation of companies, employees, systems.
Social Engineering: Manipulative tactics used to deceive the target.
Conversion: How the attacker turns deception into money or value.
Impact: Consequences across IT systems, legal liability, brand reputation, and more.
Fraud Neuron isn’t just another database. It’s a practical tool for defense. By creating a shared language, it enables:
Collaboration across fraud, cyber, and risk teams
More precise fraud detection and alert tuning
Knowledge sharing across industries and geographies
Strategic fraud modeling and simulation
Community-led intelligence enrichment
Whether you’re building a fraud playbook, training an LLM to classify fraud patterns, or correlating TTPs across platforms, Fraud Neuron provides the scaffolding.
What makes Fraud Neuron stand out is its collaborative DNA. Axur designed the framework as an open innovation initiative, releasing it to the broader security community under a public GitHub repository.
Researchers, threat analysts, and fraud professionals can:
Submit new fraud techniques or case studies
Suggest modifications or additions to the framework
Use the taxonomy in their own investigations and SOC workflows
Every community submission is reviewed by Axur and our partners to ensure quality, consistency, and alignment with global best practices.
The framework is open, but growing. Here’s how to get involved:
Use it: Map your incidents to Fraud Neuron to identify patterns.
Improve it: Add underrepresented fraud themes or regional tactics.
Fraud thrives in silos. Fraud Neuron is an invitation to break them.
Fraud Neuron reflects a deep cultural shift in how we model threats—not just as code or behavior, but as economic, human, and social phenomena. In doing so, it invites researchers to look at fraud not as a byproduct of cybercrime, but as a discipline of its own.
Whether you’re in fraud detection, threat intel, or AI modeling, Fraud Neuron offers a foundation to explore the nuances of fraud with clarity and depth.
If you’ve ever wished ATT&CK made more sense for fraud cases—this framework is for you.
Explore the framework: neuron.axur.com
Join the community: github.com/axur/FraudNeuron