It is somewhat similar to phishing and people got trapped because of their curiosity and carelessness. If they can control their curiosity and carelessness, they can have better practice and they will have higher chance of maintaining and achieving higher security for their devices and accounts.

In addition, with open source password managers, people can install those softwares and use them offline.

In general, I understand your concern but the bottom line is people as users must protect themselves from knowledge, attitude to practice and they can not have bad practice habit while expecting password managers or antivirus softwares or Internet Security softwares can keep their devices and accounts secured and safe.