The attack in question doesn't use apps on the store, or even any attempt to get them on the store. There are also other attacks, but the one that prompted this change uses social engineering to get people to tap the build number seven times, sideload something and get a keylogger that then picked up their banking details and used them. Several governments raised the issue, Google acted. (The actions are to slow down the tap-seven-times process, so it becomes harder for the scammers to keep their victims fooled until the keylogger is installed, and also to tweak the timings, so the scammers can't outrun the app-banning process.)
If you haven't had your bank account drained, the scammers you met were different ones. (And I'm sorry that you've been scammed.)
(I didn't get scammed, I sometimes am curious on what the scam is so i lead them on a bit)
(They do something about other scams too. There was another thing they published recently, I didn't pay attention since no side effect of that concerned me, something to do with caller ID.)