The Loop spoke with Apple about the issue, and learned that the anti-phishing database is updated on a user's iPhone via the charging/syncing process in order to preserve battery performance and prevent hidden data usage on cellular networks.
"Safari's anti-phishing database is downloaded while the user charges their phone in order to protect battery life and ensure there aren't any additional data fees," Apple spokesman, Bill Evans, told The Loop. "After updating to iPhone OS 3.1 the user should launch Safari, connect to a Wi-Fi network and charge their iPhone with the screen off. For most users this process should happen automatically when they charge their phone."
The report notes that the entire anti-phishing update must be downloaded in order a user to be protected, which likely explains much of the inconsistent behavior seen in early tests of the feature.