don't install random apps from suspicious developers.
read the privileges requested for each app.
block Internet access for apps I don't trust.
don't connect to public wifi/leave wifi on in public.
1) Avoid "free" apps. Remember, if you're not paying for the product you ARE the product.
2) Only download apps from reputable and established companies. They have the most to lose if they let malware get into their apps!
3) Don't give apps permissions that they don't need. A calculator should NEVER need to know your location!
For me, I avoid "other app stores" and stick with Google's Play Store.
I've never gotten one piece of malware on any of my phones by following the 3 things above.
@neil Best would be to look into app permissions; you can start from there.
I'll say due diligence in curating the apps is the no. 1 issue besides a malicious manufacturer* due to everything being a binary blob communicating over encrypted these days. If an app gets access to your keyboard and/or mic they can basically sniff out everything meaningful you do on the device.
(*...uninstallable apps. Or worse, pile on more with updates. The apps also tend to be a smashgrab with as many permissions as they can get their hands on. Each is an extra attack surface.)