User data protection is a major problem in the technical world. To get critical data from people such as bank account, credit card details and passwords, fraudulent people use different techniques for their advantages. Misuse of user credentials affects many industry sectors day by day. The fraudulent practice where more people connected to a network revealing sensitive data of individual, group or a company of legitimate sources called phishing. The aids for the hackers are forged websites and emails which look similar as original. There are different anti-phishing methods are proposed which follows various methods, to protect users against phishing. Proposed technique has detection of phishing at various stages. It contains incoming mail analysis for its feature as well as source. If mail has link to webpage, that cautious webpage is checked for its legitimateness. It is examined by using two methods. For popular sites, webpage content is compared with content of known legitimate site. The second step is to find whether any cautious site is increasingly dependable on any related pages to calculate relationship strength indirectly or directly associated pages. To protect from phishing attacks, these techniques uses virtual passwords for logging into sites.