I have manually added the Phishing Signatures today to see how they perform.
Being a linux newbie I wasn't entirely sure whether to have a go with the auto update script and take my life in my hands on a production server since I don't have a spare box for testing. So played safe.
On a side note, I did try and enter phishing signatures manually before finding / implementing the sanesecurity list but couldn't get ClamAV to match them to the emails for some reason beyond me although it was reading the database.