Some proponents of Linux claim that Linux is immune to malware. Unlike Windows, Linux simply doesn’t get viruses or trojans or other nasty stuff. This isn’t correct.
It is true that reports of malware on Linux are fewer than on Windows, but this is largely due to the relative numbers of people using the different operating systems. Wikipedia tells me that Windows has almost 70% of the users. MacOS has around 17%, and everyone else is less than that. Desktop Linux is 1.9%. So assuming random attacks, Windows is more than thirty times more likely to get hit than Linux.
But these attacks aren’t random. Malware authors want to infect as many systems as possible. If they go after Linux, they’ll get less than 2% of the systems, if they manage to infect every system. That’s not good return on the investment, especially considering that they won’t be able to get into every system.
Malware authors are playing the odds, and Windows by far has the greatest number of targets.
Back in the olden days, there was some element of truth to the idea that Linux was more secure than Windows. Linux had been based on concepts found in Unix, which was developed from the ground up to work with multiple users and accounts. Security had always been an issue.
Windows started out as a single-user system where security wasn’t a great concern. When operating systems got more complex and Windows wanted to add users and security, these were more or less bolted on to the basic product. It really wasn’t as secure as other OS’s. Windows also gave great weight to backwards compatibility, meaning that old insecure features were retained. More recently, Windows have fixed these shortcomings.
The bottom line is that, while Linux is secure and robust, it is not bulletproof. You still need to keep alert to malware and security holes. A solid firewall and antivirus is still a good idea.
I will note that when it comes to servers, Linux has a greater slice of the pie. However, most sysadmins take pains to protect their systems.