Cybercrime incurs an estimate of $110 billion per annum globally (Norton Cybercrime Report 2012). This excludes the non-financial impact. The combined impact presents an enormous problem worldwide, from the point of view of overall management (detection, monitoring and prevention). While there are lists/categories of cybercrimes published in books, government websites, security and crime-related websites, these categories were constructed for different purposes. Moreover, they are not comprehensive, nor are they rigorously developed using empirical data. Their similarities and differences have not been elucidated, accounted for, and reconciled, and we are not confident that all cybercrimes can be classified using existing taxonomies. Creating a single comprehensive taxonomy on cybercrimes has a number of benefits. This paper first summarises the background on “taxonomies”, existing taxonomies that have been constructed in Information Systems, and potential benefits of such a taxonomy. It then proposes a methodology for developing and validating a cybercrime taxonomy, and discusses the next steps for this project.