Since scare tactics appear to be at least start thinking about the problem, or what drives some people to take fix malware problem a little more seriously, allow me to shoot a few scare tactics your way.
Use strong passwords - Do what you can to use a strong password, alpha-numeric, with upper and lower case and special characters. Easy to remember passwords are easy to guess!
Keep your WordPress Setup to date - One of the easiest and most valuable tasks you can do yourself is to ensure that your WordPress installation is upgraded. WordPress gives you a notice in your dashboard, so there is really no reason not to do this.
Upgrade, if you're not running the latest version of WordPress. Leaving your website on an old version is similar to keeping your door unlocked when you leave for vacation.
Do your homework and some searching, but if you are pressed for time site web and want to get this try out the WordPress safety plugin that I use. It is a relief to know that my website (and company!) are secure.