Phishing threats exploit social engineering and deceptive web infrastructure to steal sensitive personal information, often by mimicking legitimate websites. With the proliferation of online services and the increasing prevalence of cybercrime, detecting phishing websites has become a critical challenge. This study presents a comprehensive machine learning (ML)-based approach for detecting phishing websites. A total of 48 discriminative features were extracted from 10,000 web pages—comprising 5,000 phishing and 5,000 legitimate sites. Nine ML classifiers were initially evaluated, including random forest (RF), support vector machine (SVM), and XGBoost. Ensemble models based on soft voting and stacking were then constructed to improve detection performance. Among the models, the soft voting classifier (VC) achieved the best performance with an accuracy and F1-score of 98.82%. The results indicate that ensemble learning offers a robust solution for the automated detection of phishing websites.

Cybersecurity; Intrusion detection; Machine learning; Phishing detection; Threat detection