Big Electrum user here, and the increased threats we've seen are, to me, a compliment to Electrum's reach and popularity. I wouldn't say it's more vulnerable than other clients in its class - kind of the same argument that Chrome is more vulnerable than Vivaldi because it's got more attacks on it. But yes, it's going to be really difficult to get normies to use software if their basic behaviours regarding security aren't fixed.
Hell, you could use the toughest hardware or paper wallet, but if you fall for a message telling you to do stuff you're not supposed to...
This is why we are likely to see Bitcoin banks. People can teach their grandmas to use Bitcoin wallets, but it's impossible to teach their grandmas enough cybersecurity to prevent them from losing their coins.
you're right. a lot of people can't be bothered figuring out cold storage. for those with poor security practices, a bookmarked secure web site + password and 2FA can be the best option. that's just the unfortunate reality. the UI can be difficult for technophobes on top of security matters too. i've known people who have fucked up by sending to their "sent" addresses instead of their "receiving" addresses and things like that.
also, think about how many people used mt gox as a wallet back in the day, and how many do the same with coinbase today. as adoption continues, we'll be adding older, less tech-savvy people into the mix. that's one of the reasons i expect to see hsbc and bank of america eventually offering deposit accounts in bitcoin.
Never mind figuring out cold storage, far too many people aren't even willing to do more than remember a username and password - which is the crazy reason why so many people I know just refuse to use a proper wallet where they control their own private keys. They deliberately want to trust someone else, so yeah, Bitcoin banks? With custodian protection and deposit insurance? That idea is just going to appeal to them. Maybe soon people won't even remember what a private key is.