The first thing is, use common sense. Who clicks on an invite sent to you from an unknown person from Facebook, or from anywhere for that matter? Although some do, just don't do it. Even if you are tempted by a letter that states that you have won the Tatooine National Lottery don't do it! Another good rule that can keep you out of trouble is not to sideload apps or other software. Want to install a cool new game that lets you manage real life players from the National Curling League? Don't do it. Keep the box that asks for permission to sideload apps unchecked so as not to give permission for the phone to load apps not from the Android Market. Most legit apps are in the Market and one that is not, Swype, comes pre-installed out of the box on mnay Android phones.
The price you pay for using an open source system is the possible breach of security by those who would love to disrupt your life. But let's go back to the example from the video. The malware was called any_name.apk and it would make premium priced calls from your handset to certain numbers which would allow the hackers to bill you premium rates for the calls. The app used a class name, com.opera.install, that made it seem it had something to do with the Opera Browser. The software installs on your phone without your permission, making phone calls that drain your bank account. A few days later, another variant of the app was ready to do more dirty deeds.
If you stay away from links from people you don't know, and never, never never sideload apps, you probably will be ok. Just realize that there is a threat out there and it is real. Use common sense so that you won't have to spend uncommon cents.
source: Sophos via AndroidCentral