My smartphone is a simple affair. I have a hardened Firefox as my default browser (uBlock Origin with JS disabled by default with HTTPS-Everywhere addon with EASE turned on).<p>I keep my app-count to a minimum. There are people who need every app imaginable, but that increases the attack surface of the phone. Try to minimize the amount of apps on your phone please!<p>Then of course all the usual OPSEC practices like not clicking on suspicious links in Whatsapp, E-mail or SMS always apply. You have to consider the human element of all this. So many people have been owned by fat-fingering some suspicious link in an SMS that then took over their phone.<p>But there is always the argument that: phones <i>ship</i> with malware anyway so you're pwned either way.