Encrypting the wallet files (possibly with different passwords) and checking/verifying the digital signatures of downloaded installers is really the best form of defense.
In addition to this, and while you're at it, I'd consider a cross-platform multisig for those wallets you
really don't want to lose anything from.
Attackers are generally only able to attack one piece of the software. The last phishing attack only attacked computers. If you have another wallet on your phone for authenticating everything then you start to make things a lot more secure. An basic android phone or tablet (even an old one) might only set you back $100-1000 at most and it's worth the investment for the added security it'll give you (about as helpful as a hardware wallet as apps generally aren't able to communicate with each other quite as easily in android). Although I'd prefer it to a hardware wallet as there's less of a likelihood the phone producer will steal everything.