There's also windows instructions explaining how to check if your Electrum Wallet is legit here.
https://bitcointalksearch.org/topic/electrum-and-gpg4win-1836004
Topic: How to check if your Electrum Wallet is legit before using. (Read 187 times)
Stay safe guys! 
you didn't have to download ThomasV's public key manually and import it manually. instead you could easily use command line to directly receive the key from servers and import it at the same time.
just use recv-keys command:
you can add a keyserver to this command too if you want to receive from a specific server, for example when mit servers are down. use "--keyserver" after gpg.
just use recv-keys command:
Code:
gpg --recv-keys 7F9470E6
(For Linux)
Go to Electrum website, click on download, then click on ThomasV, this will redirect you to the MIT website, click on a 7F9470E6, this will redirect you to ThomasV public key, select all and save it as ThomasV.asc.
https://pgp.mit.edu/pks/lookup?op=vindex&search=0x2BD5824B7F9470E6
Go back to Electrum website and download Electrum-3.0.6.tar.gz and its signature Electrum-3.0.6.tar.gz.asc
Copy all the 3 files to the same folder, open the terminal and use command 'cd' to navigate to that folder and run these commands.
gpg --import ThomasV.asc
gpg --verify Electrum-3.0.6.tar.gz.asc Electrum-3.0.6.tar.gz
If the message returned says Good signature and that it was signed by ThomasV with a fingerprint that ends with 7F9470E6, then the software is authentic.
Go to Electrum website, click on download, then click on ThomasV, this will redirect you to the MIT website, click on a 7F9470E6, this will redirect you to ThomasV public key, select all and save it as ThomasV.asc.
https://pgp.mit.edu/pks/lookup?op=vindex&search=0x2BD5824B7F9470E6
Go back to Electrum website and download Electrum-3.0.6.tar.gz and its signature Electrum-3.0.6.tar.gz.asc
Copy all the 3 files to the same folder, open the terminal and use command 'cd' to navigate to that folder and run these commands.
gpg --import ThomasV.asc
gpg --verify Electrum-3.0.6.tar.gz.asc Electrum-3.0.6.tar.gz
If the message returned says Good signature and that it was signed by ThomasV with a fingerprint that ends with 7F9470E6, then the software is authentic.
Jump to: