Hackers and scammers never stops inventing new strategies for stealing from people. But, how you avoid these scammers is still the same ways stop installing apps from unknown sources, make use of the main app stores whenever you want to install an application.
One thing to add up in here is that, the greatest risk you could have when dealing with applications is upon right after installing it. To be exact, the permissions that we are allowing the application is what makes us be in danger. You know why? Our operating system in desktop or in mobile is actually doing their part to protect us, but let us do our part to keep ourselves secured by just allowing trusted permission request for them to be limited in accessing our information.
I remember so many applications that are slippery during installation or configuration of the application, like people got used to clicking "Next" when they're trying to install something. Commonly it is an adware from my experience, and it is quite an annoying experience.
Some software also install hidden Bitcoin mining software and you would just notice that it stresses your GPU when you play.
Basically, not installing suspicious apps would deal with this already. Be mindful of whatever you're you're putting on your phone especially if it has potential to gather private info. We also have 2FA already available and for me that's one of the surest ways to make sure that you secure your account. Don't neglect any security measure. There's only so much we can do to secure our accounts on our end.