A method includes obtaining a given web page, parsing the given web page to identify one or more frame tags for one or more inline frames of the given web page, and extracting a set of features of a given inline frame from a given one of the identified frame tags in the given web page, the extracted set of features comprising one or more style features, one or more destination features and one or more context features of the given identified frame tag. The method also includes classifying the given inline frame as one of a malicious frame type and a benign frame type utilizing at least one model and at least a portion of the extracted set of features, and controlling access by one or more client devices associated with an enterprise to the given web page responsive to classifying the given inline frame as the malicious frame type.