[array_key_first]

If you can convince someone over the phone to install malware thru a million "don't do this" screens, you can convince them to just give you their login credentials. Which is both easier, cheaper, and, I imagine, more effective.

[UncleMeat]

And yet, criminals create banking trojans at scale. They wouldn't do this if it was more effective to always do traditional phishing.

[array_key_first]

Well they do both, and as I said I imagine most phishing is traditional, through the phone or email. Casting a wide net is just good business, but simply eradicating malware won't make phishing no longer possible.

And I'm being extremely generous here, because this won't erradicate malware. It will make a specific subset of malware harder to distribute. I imagine most malware is distributed through the play store, and naturally that will be unaffected.