But usually, as I have heard, the clone wallet or phishing wallet like installing a fake version of the electrum didn't have any malware infection in your device, but the problem is the revise the code. When you make a transaction it will automatically send to their Bitcoin address and the reason for losing your fund.
In this case, to avoid that matter. Study of how to verify the authenticity every time you have to download and install any version of the wallet. Learn the PGP stuff.
Hardware wallets works by only protecting your private keys. It doesn't protect against phishing attacks by misleading you to send to a different address. It's possible for a malware to be included with the fake Electrum software to change the Bitcoin addresses that you see on webpages and key in.
If the fake Electrum software only changes the addresses that your transaction is being sent to, the hardware wallet displays the transaction details and you should be able to see for yourself and decide if it's correct.