If that is indeed the case, then perhaps I am just being overly paranoid. Maybe it is the simplification of Electrum's seed (specifically its representations as only a few words) that makes it seem that it could be much more easily brute forced than these calculations suggest.
Think of the words as larger numbers.
Imagine a combination lock (like on a bike) with digits 0 to 9.
How many possible combinations are there if the lock has two digits? 10^2 = 100.
How many possible combinations are there if the lock has three digits? 10^3 = 1,000.
How many possible combinations are there if the lock has four digits? 10^4 = 10,000.
How many possible combinations are there if the lock has five digits? 10^5 = 100,000.
128 bit = 2^128 ~= 10^38
So you could write a random key as 128 binary digits or 38 decimal digits. Either one is just as strong.
However you notice the larger the numerator (10 vs 2) the smaller the exponent needed for equivalent security (38 vs 128).
So what is we used a much larger number .... we would need less digits. Right?
Electrum's words are a set of 1626. If you prefer think of them as numbers
1= hello
2= dog
....
1626 = xray
(note this isn't actual word list)
1626^12 ~= 10^38
128 bit = 2^128 = 10^38 = 1626^12 = x^y (where there are an infinite number of x & y values possible)
How you choose to represent it doesn't change the entropy of the value anymore than representing 123 as the words "one hundred and twenty three" makes it any more or less secure of a 3 digit decimal combination.