Phishing Protection prevents the Search Appliance from being used as a tool in a phishing attack.
The Search Appliance has a redirect page as part of its Query Logging functionality, where it will provide a redirect to the URL specified. It would be possible for an attacker to specify a URL that, at first glance, looks like a link from the Search Appliance, which the user may trust. After the redirect, it actually ends up somewhere else.
If Phishing Protection is enabled, the redirect page will make sure that any URL specified is actually in the profile's walk database before issuing the redirect to it.