All OSs are vulnerable to malware and phishing attacks.  The only way to avoid being victimized is to educate yourself, and be diligent.  The OS you choose will not save you from mistakes.  

I've been using computers since Commodore 64s were all the rage.  I used Apple IIs and the first generation of Macs when I was in high school.  My first version of Windows was 3.2, and I've used every version since, including enterprise versions and server versions.  Currently I use Ubuntu for a variety of tasks, and most of my servers run a version of Linux.  My daughters prefer Macs, so I've had a couple of those around the house for the last decade as well.

Those of us who have industrial engineering jobs, those of use who use CAD to earn our living, those of us who must interact with other people around the planet who use Word, Excel, PowerPoint, and the like...  How hard would we be making our lives trying contribute while using some buggy shitware?  All the best quality and most practical business and industrial software is written for Windows, and only Windows.  So yes, my main personal computer is built to run Windows, and that's the only way I'll have it.  Not because I don't know what else is out there or because I don't know how to use anything else.  It's because I like it, it works great for my needs, and it's been quite safe when I do my part.

When I say that I find Windows to be among the most versatile, useful, and dependable OSs of all that I've used, it does come from a place of experience.  So, you'll have to forgive me for not taking the advice of some newbie on an internet forum when he says things like "i suggest not using windows."