There are
lots of ways to "attack" a computer, and by now the traditional "virus" is becoming somewhat long in the tooth. There are much easier and faster ways to do it.
But basically, in the case of "viruses," the main maxim that you need to keep in mind,
regardless of operating-system, is that privilege, ownership, and protection mechanisms are your
best friends. You do not need to run as Administrator on your Windows box, nor as Root on your Linux box, even though it is "your personal" computer and so you have every "right" to do so. Nor do you need to have every single file on your system read/writeable to you. As they say in firearms, "keep the safety 'on' until you are ready to destroy the thing that is in front of you."
Linux, OS/X (Unix),
and all Windows-NT descendents have a very powerful security-model ... Windows' actually being the
strongest of the three. They give you fully-automatic, fine-grained control over exactly what the operating system will allow you to do, and what it won't. When these features are used in the manner for which they were originally designed (namely, keeping a University full of very-bright, very-bored students more-or-less at bay
) ... a "virus" is quite-literally
not allowed to do what it wants to do.
In that regard, mind you,
Linux is not special or magical. Its standard security-model is actually quite primitive.
The only difference is... it's usually
turned on!