So what are the best ways to get your phone protected against these kinds of threats?
You can always install an Antivirus app, or (for example) a multipurpose app like Lookout. Lookout scans all installed apps against their database and will advise you if something has been reported as malicious. You may notice a slight decrease in performance as the application is running all the time, but may be well worth the loss,
Research the app before you download it. The comments are there for a reason. Read through those, along with the app permissions (See Screenshot). The app permissions will tell you what sort of access the app has to your data. If something seems fishy check the comments for an explanation to the reason for needing a certain permission. Do keep in mind that certain things may seem funny, like an app having the ability to locate you, but if there is a feature in the app that uses the GPS it will need that permission. A similar complete is when an app needs to see what state the phone is in. A lot of times that is so the app can save data before the phone call comes in.
Also keep an eye on the source of the file. Be extra cautious when loading an app from a 3rd party, or a file sharing site. A lot of developers are using places like Mediafire.com or 4Shared.com to distribute apps that aren’t in the market because it is a free way to distribute their app, but it is best to download from one of the major App stores. (Android Market, Amazon Appstore, SlideME) because the apps are typically checked before they are distributed. (More so with Amazon and SlideME where a person actually hand tests all the apps.)
So be cautious out there, and always remember to backup your data. The good news with this situation is that Android Market is removing apps as they are reported bad and revoking the license of the app creators.