I know this isn't Reddit, but r/peopleliveincities... When 90% of desktop users use Windows, it's going to both be the most targeted by malware developers and have the highest chance of being operated by someone who doesn't understand enough about computers to recognize that the shiny calculator app that just popped up after visiting a very legit Nigerian prince's crowdfunding page probably shouldn't need admin access.
And speaking of user error, I'm willing to bet that basic security practices like using full disk encryption, SecureBoot, some MAC layer (provided by antivirus on Windows, AppArmor/SELinux on Linux) and regularly applying security updates are way more common over in the Windows land - if I was in a situation where there was one completely randomly selected Windows PC and one also completely randomly selected Linux PC, and my life depended on being able to gain access to either of them (some kind of really messed up Saw trap? idk), I would definitely bet my life on the Linux one being misconfigured.
Don't get me wrong, Linux can make for a very secure and private OS, but most installs most definitely cannot be described as such - just look at the popularity of random unverified PPAs on Ubuntu derivatives or AUR packages on Arch.