Web Security is a field of Computer Security that aims to establish various security measures to use against attacks performed over the Internet. Phishing is defined as an activity where confidential information such as personal as well as financial information from the user is obtained by luring the user towards an illegitimate webpage. Illegitimate websites inculcate a variety of features that makes them look as a replica of the legitimate site. Phishers employ such features by means of page content, User Interface (UI), Uniform Resource Locator address (URL)within their illegitimate webpage in order to make them look similar. Many researchers have proposed various solutions, nevertheless, no single solution exist that could facilitate users to counter phishing threats. In this paper, important characteristics that identify illegitimate websites from original sites are discussed and an implementation of C4.5 algorithm is used for classifying illegitimate websites and also aims to improve the performance by combining with boosting algorithms. © 2014 IEEE.