I agree with all other posters so far, but decided to make a checklist... Some of these points were already mentioned by previous posters!:
- Make sure you run an official version (check ThomasV's signature)
- Make sure you run the latest version
- Make sure to encrypt your wallet using a STRONG, UNIQUE password
- Write down the seed phrase, store it in a secure, OFFLINE way
- Never follow links shown by Electrum or by any other source. If you need a new version, download it from the official website and check the signature
- A desktop wallet is used to store smaller amounts of funds... If you want more security, buy a hardware wallet, properly generate a paper wallet or do an airgapped setup
- Make sure your OS is squeaky clean... Don't install any financial tools (like wallet software) on a system running a cracked OS, or an OS on which you install unknown or out-of-date software
- An OS (especially Windows) NEEDS a virus scanner, an upgrade/update plan and a properly set up firewall
Next to this, there are things that are not specific to Electrum (like keeping your OS clean) that are also worth mentioning... Like a native SegWit wallet means lower transaction fees, enabling RBF is a good idea (especially if you cheap out on fees regularly) and anybody who has access to the seed, the wallet file + passphrase OR the xprv (or individual derived private keys) has access to your funds...
BTW, to be honest, I don't quite like the title of this topic... Electrum is still one of the more secure desktop wallets around. Sure, it has had its share of vulnerabilities (like most other wallets), but I would still recommend it to new users that are looking for an SPV HD wallet...
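The signature check from the first checklist item, as an added example that is not part of the original post: it pins the download to one expected signer instead of trusting any "Good signature" line. The function names are hypothetical, and the pinned fingerprint is a value you supply after confirming it through a channel you trust.

```shell
#!/bin/sh
# Added example (not from the post): accept a release only if it carries a
# good, unexpired signature from the one key you pinned.

# check_status <pinned-fingerprint>
# Reads the machine-readable output of `gpg --status-fd 1 --verify` on stdin.
# Returns 0 on a good signature from the pinned primary key, 1 otherwise,
# and 2 if the pin is not a full 40-hex-digit fingerprint.
check_status() {
    pinned=$(printf '%s' "$1" | tr -d ' ' | tr 'a-f' 'A-F')
    [ "${#pinned}" -eq 40 ] || return 2   # short key IDs are not accepted as a pin
    awk -v pin="$pinned" '
        $1 != "[GNUPG:]" { next }
        $2 == "NEWSIG"   { good = 0 }     # state is tracked per signature
        $2 == "BADSIG"   { bad = 1 }      # any bad signature fails the file
        $2 == "GOODSIG"  { good = 1 }
        # Expired/revoked keys and unverifiable signatures never count as good.
        $2 == "EXPSIG" || $2 == "EXPKEYSIG" || $2 == "REVKEYSIG" || $2 == "ERRSIG" { good = 0 }
        # The last VALIDSIG field is the primary-key fingerprint, so a
        # signature made with a signing subkey still matches the pin.
        $2 == "VALIDSIG" { if (good && toupper($NF) == pin) ok = 1; good = 0 }
        END { exit (ok && !bad) ? 0 : 1 }
    '
}

# verify_release <pinned-fingerprint> <signature.asc> <downloaded-file>
verify_release() {
    gpg --batch --status-fd 1 --verify "$2" "$3" 2>/dev/null | check_status "$1"
}

# Stand-alone use: sh verify.sh <pinned-fingerprint> <signature.asc> <file>
if [ "$#" -eq 3 ]; then
    verify_release "$@"
    exit $?
fi
```

A signature file may hold signatures from several signers; ones whose keys are not in your keyring show up as `ERRSIG` and are ignored, so the result depends only on the pinned key.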