Abstract: Phishing APs are very hard to discover and flexible, and their attacks will cause serious threats to the current wireless network security problems. Besides, it is very difficult to discover phishing APs accurately and timely by the traditional detection methods. In light of this, we proposes an improved detection method based on multi-feature. The method comprehensively considered the MAC address, encryption mode, DNS, HTTP protocol of the access points to be detected, and used these features to confirm the security. Experimental results show that this method can effectively detect the phishing APs, and has a good stability while ensuring the accuracy.