Most phishing sites follow a known pattern. And people like to flag bad sites. So Google and a few other organizations, such as stopbadware.org have a collection of feeds that can be leveraged by software vendors to provide a warning or flat-out block potentially fraudulent sites. If a piece of malware is found, even if buried deep in a site, the site will likely get picked up by a robot or reported by a user. Robots can pick up a lot, as people who exploit WordPress sites and stuff like that are often after playing a numbers game. Harvesting hundreds of thousands or email address and sending phishing emails. It only…