To reduce the possibility of infection, check each app before downloading from Google Play (by searching for reviews), and never download apps from any other location. It is also important to keep your smartphone up to date with security updates, and to use security software that can prevent such bad apps from installing on your device.
That's good advice.
Many users are tempted to download an app directly or use some other platform like APKPure because there are region-based or device-based restrictions (forcing you to buy a new phone to download an app which runs smoothly on an old one).
There is a risk in downloading apps from those sources, as you pointed out.
I do not fully agree with you.
Checking reviews does not mean anything. You may find out that the application is compromised only after a long time, when it starts to act.
If you installed it relying on reviews, you will fall into the trap along with all the other users. Ideally, you need to install open source applications, or at least refrain from installing for several months if the application is new and little known.