
Malicious search attempts showing in Popular Search Terms in Magento?


If you go here, you would be met with a full page of malicious search attempts at my Magento store: http://www.princessly.com/catalogsearch/term/popular/

My question is, what can be done to prevent malicious search phrases from showing up on the Popular Search Terms page yet still show legitimate search terms from good-will users?

Thanks!


Solution

  • Don't list searches which don't return results, or which return only “sloppy” matches. The “malicious searches” presumably don't match any product on your site, so they will be excluded by this rule.

    This rule does not require you to recognize the specific form of the searches in any way (it is not a blacklist), so it is robust. Furthermore, listing ordinary searches for which there are no results will likely not benefit you or your customers, so excluding them will be an improvement beyond taking care of the spam problem.
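
The rule from the answer above, as an added example that is not part of the original answer and is not Magento code: popular terms are selected only by whether the catalogue returned exact matches, never by inspecting the term itself. The `search_terms` table, its columns (`exact_hits`, `fuzzy_hits`) and the sample rows are assumptions constructed for illustration; the output step also HTML-escapes each term, since the terms are user-supplied.

```python
import html
import sqlite3

# Constructed sample data: (query_text, popularity, exact_hits, fuzzy_hits).
# Table and column names are hypothetical, not Magento's schema.
SAMPLE_TERMS = [
    ("flower girl dress", 120, 14, 3),
    ("mother & daughter dresses", 80, 5, 2),
    ("lace wedding gown", 45, 6, 0),
    ("constructed-spam-term-1", 300, 0, 0),      # spam, matches nothing
    ("constructed-spam-term-2 dress", 250, 0, 7),  # only sloppy hits on "dress"
    ("purple tuxedo", 60, 0, 0),                 # honest search, nothing in stock
]


def build_db(rows):
    """Load the constructed search log into an in-memory SQLite table."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE search_terms ("
        "query_text TEXT, popularity INTEGER, "
        "exact_hits INTEGER, fuzzy_hits INTEGER)"
    )
    db.executemany("INSERT INTO search_terms VALUES (?, ?, ?, ?)", rows)
    return db


def popular_terms(db, limit=10):
    """Return the most popular terms that produced at least one exact match.

    The term text is never pattern-matched (no blacklist): zero-result and
    fuzzy-only terms drop out regardless of how often they were submitted.
    """
    cur = db.execute(
        "SELECT query_text FROM search_terms "
        "WHERE exact_hits > 0 "
        "ORDER BY popularity DESC, query_text ASC LIMIT ?",
        (limit,),
    )
    return [row[0] for row in cur]


def render_terms(terms):
    """Render the list as HTML, escaping each user-supplied term."""
    return "".join(f"<li>{html.escape(t)}</li>" for t in terms)
```

The two most-submitted rows in the sample are the spam terms, and neither is listed, because popularity alone never qualifies a term.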