Phishing attacks remain a dominant and evolving cybersecurity threat, exploiting deceptive techniques to compromise user credentials and sensitive data. Traditional detection systems, often rule-based or reliant on manually engineered features, struggle to cope with the dynamic nature of phishing patterns. This study proposes a hybridized deep learning model that integrates Convolutional Neural Networks (CNN) and Bidirectional Gated Recurrent Units (BiGRU) to effectively detect phishing websites. CNN is employed for spatial feature extraction from URL and HTML structures, while BiGRU captures temporal dependencies, enabling a comprehensive understanding of phishing behaviors. The model processes a rich dataset of 80,000 website instances—sourced from PhishTank, OpenPhish, and other repositories, and applies Min-Max scaling during preprocessing to normalize feature values. A dual-pathway architecture fuses spatial and sequential features into a unified representation, enhancing detection performance. Experimental evaluations using train–test split and 5-fold stratified cross-validation demonstrate outstanding results, achieving 99.97% accuracy, 99.98% recall, and 99.96% specificity. The model further exhibits strong generalizability when tested on an external dataset, reinforcing its robustness across diverse phishing patterns. Comparative analysis with existing deep learning methods, including CNN-LSTM and CNN-BiLSTM, confirms that the CNN-BiGRU architecture delivers superior performance with reduced false positives and false negatives. This work highlights the potential of hybrid deep learning frameworks in building resilient, scalable, and real-time phishing detection systems suited for deployment in modern web security infrastructures.