Re: Is there any malware that captures your recovery seed when shown or typed?
Board: Development & Technical Discussion
by Charles-Tim on 16/02/2024, 06:47:06 UTC
Merits: 5 from 2 users. Merited by Welsh (4), vapourminer (1)
Imagine there is a Trojan on your desktop or cell phone that has been programmed to detect recovery seeds, WIF private keys, extended private keys or any sensitive data that allows partial or full access to your funds in a deterministic wallet.

How can we be sure that these things are not monitoring your clipboard, your keyboard when you type totally random words that follow a pattern like 12 to 24 words? Or a screenlogger that takes a screenshot when it detects a seed on the screen and instantly sends it straight to the attacker's server? We know that it is possible to develop this.
By avoiding malware completely. An example is the use of a cold wallet, like a wallet on an airgapped device, which pooya87 has already talked about. If the wallet remains on the airgapped device and the airgapped device remains airgapped, no malware will be able to steal from such a wallet.

I always thought about this when creating my wallets, I know you will answer that an HW is the best option in this case, yes I know that too.
For privacy reasons, and because of the safety of a wallet on an airgapped device, which is equivalent to a hardware wallet, I will recommend an airgapped device. What is needed is for the person who wants to use it to learn about it. It is the best for someone who wants to hold just bitcoin and no altcoin.

See what the developer of the airbitz wallet (rebranded for Edge) says (https://medium.com/edgewallet/why-a-12-word-mnemonic-is-an-insecure-bitcoin-wallet-backup-65f98566e896) about mnemonics and that he considers it an insecure backup method. I agree with him, although mnemonics make life a lot easier, it is very easy to have your coins stolen if you have malware that captures mnemonic phrases or scans your clipboard if you copy them.
He is wrong. Seed phrases are secure because no one can steal your coins unless the seed phrase or part of the seed phrase is seen. If you are concerned about a possible offline attack, you can use a passphrase to extend the words. If the passphrase is lost, just like the seed phrase, the coins will be lost.
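
The passphrase point in the last reply, as an added example that is not part of the original post. It assumes the seed phrase is a BIP39 mnemonic (the post does not name the standard), where the passphrase is mixed into the salt when the wallet seed is derived. The sample phrase, passphrases and function names are constructed for illustration.

```python
import hashlib
import hmac
import unicodedata

# Constructed sample: the all-"abandon" phrase from the public BIP39 test
# vectors. It is widely known and must never hold funds.
SAMPLE_MNEMONIC = "abandon " * 11 + "about"


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """Derive the 64-byte wallet seed: PBKDF2-HMAC-SHA512, 2048 rounds,
    password = mnemonic words, salt = "mnemonic" + passphrase (both NFKD)."""
    words = " ".join(unicodedata.normalize("NFKD", mnemonic).split())
    salt = "mnemonic" + unicodedata.normalize("NFKD", passphrase)
    return hashlib.pbkdf2_hmac(
        "sha512", words.encode("utf-8"), salt.encode("utf-8"), 2048, dklen=64
    )


def passphrase_effects(mnemonic: str, passphrase: str, mistyped: str) -> dict:
    """Compare what each party can derive from the same words."""
    owner = bip39_seed(mnemonic, passphrase)   # words + correct passphrase
    words_only = bip39_seed(mnemonic)          # someone who saw only the words
    typo = bip39_seed(mnemonic, mistyped)      # owner misremembers passphrase
    return {
        # The words alone open a different (empty) wallet, not the owner's.
        "words_alone_reach_owner_wallet": hmac.compare_digest(owner, words_only),
        # There is no "wrong passphrase" error: a typo yields another valid
        # seed, which is why a lost passphrase means lost coins.
        "typo_reaches_owner_wallet": hmac.compare_digest(owner, typo),
        "typo_seed_is_still_valid_length": len(typo) == 64,
        # Same inputs always give the same seed, so the backup is reproducible.
        "deterministic": hmac.compare_digest(owner, bip39_seed(mnemonic, passphrase)),
    }


if __name__ == "__main__":
    result = passphrase_effects(
        SAMPLE_MNEMONIC, "correct horse (constructed)", "correct hores (constructed)"
    )
    for name, value in result.items():
        print(f"{name}: {value}")
```

The passphrase only helps if it never touches the same compromised device or clipboard as the words.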