Malware is, and likely always will be, a risk to servers.
There is a chance you can be infected on your home computer, and be keylogged (or similar), and someone can then wreak havoc upon your services with the password obtained.
You can help minimise the risk of being infected with malware by following some simple rules.
Use a Firewall
Always use a firewall, Windows firewall or iptables for Linux.
Get some protection in, Malwarebytes is an example, this can provide real time protection to potentially stop unwanted files doing malicious things.
For Linux there are things such as rkhunter, which can seek out rootkits that may have infected your Linux system.
Install updates regularly, security exploits and fixes are discovered and released all the time.
Use a secure password, and change it every so often, never give your password out to anyone, but rather create them another account to use.
Avoid Unknown Software Sources
Do not download or run anything you do not trust, always install and use things you know are safe, heed browser and antivirus warnings.
Use Common Sense
Applying common sense can greatly reduce risk, this will cover the points above, but they are a limited list, which can be expanded to cover many things.
It does happen sometimes, even if you are very careful, you can only reduce the risk, not eliminate it completely.
If you do become infected, start by running an antivirus or something to the same effect to try and clear it, and change your passwords to access your server.
There is a very good guide here.