This study addresses the growing threat of phishing attacks by proposing an intelligent detection approach that integrates heterogeneous data sources, multi-model collaboration, and explainable AI (XAI) analysis. For the first time, a comprehensive dataset combining real-world, tool-generated, and AI-synthesized phishing URLs is constructed. The method leverages multiple models—including Logistic Regression, CatBoost, CNN, and DistilBERT—for detection and employs XAI techniques such as SHAP, LIME, and Information Gain to interpret model decisions. A deployable real-time detection system is implemented based on the MCP framework. Experimental results demonstrate that DistilBERT achieves the best performance with an accuracy of 99.78%, significantly outperforming other models and confirming the proposed method’s combined strengths in detection efficacy, interpretability, and practical applicability.

With the growth in digital transformation and Internet usage, the Social Engineering techniques such as Phishing have become a major concern for the users and the organizations. Phishing attacks involve deceptive techniques to trick users into revealing confidential information that causes financial loss and reputation damage to organizations. According to report of Verizon, 36% of all data breaches involved phishing, highlighting the need for intelligent, adaptive, and explainable security mechanisms. This paper examines the efficiency of different machine learning algorithms in phishing detection on heterogeneous phishing datasets that include a publicly available UCI dataset, our generated datasets using tools such as EvilGinx and Zphisher, and AI generated datasets. Moreover, this work incorporates explainable AI (XAI) techniques such as Information Gain, SHAP (SHapley Additive Explanations), and LIME (Local Interpretable Model-Agnostic Explanations) to examine the most influential features impacting classification outcomes. To support practical deployment, this work also incorporates an MCP-based phishing URL detection system that offers real-time URL analysis, feature extraction, confidence-based classification, and AI-assisted security interpretation. The experimental results demonstrate that among classical models the highest accuracy is obtained by Logistic Regression at 92.44%, among ensemble models CatBoost achieved the highest accuracy at 95.01%, among neural network CNN achieved an accuracy of 94.02%, and among transformer-based models, DistilBERT got the highest accuracy at 99.78%