The scam only has to work on a tiny slice of users, and the people who fall for fake bank alerts or package texts will march through a pile of Android warnigns if the script is convincing enough. Once the operator gets them onto a PC, the whole thing gets easier because ADB turns it into a guided install instead of a phone-only sideload.

That's why I don't think the extra prompts matter much beyond raising attacker cost a bit. Google is patching the visible path while the scam just moves one hop sideways.