From my perspective, I would like to add the following info, which is likely covered by the other tips as well.
In essence, Mac OS X is less virus prone for a couple reasons:
1. No root account enabled by default.
2. No direct support for Windows .exe files. See
if you need this.
3. Software sharing system preferences when the firewall is turned on, keeps all ports closed by default.
Running Windows on a Mac, the Windows environment is still as succeptable as it would be on a non-Apple PC.
Sophos and ClamX AV offer inexpensive anti-virus solutions, but honestly, most anti-virus for the Mac offers unnecessary overhead and network traffic.
You are best off practicing safe computing, avoiding trojans, including:
1. Not using peer2peer software, or opening torrents of any kind.
2. Do not download Mackeeper. Macpaw, and Zeobit optimization tools are actually worse than not using any at all.
If you have, read this: https://discussions.apple.com/docs/DOC-3036
3. Do not use any cache cleaning software other than the built-in browser cache cleaning. And definitely avoid them, if you haven't backed up your data.
4. Backup your data frequently, and before any update: https://discussions.apple.com/docs/DOC-1992
5. Do not run software update from a browser window, instead go direct to the distributer's website of the necessary patch. Popup windows have masqueraded themselves as Flash and Java updates.
http://support.apple.com/ lets you find software updates for Apple's products.
Note: Java on Mac OS X 10.7.2 and earlier was supported by Apple, and now most vendors only support Oracle's Java due to security concerns. To get the most secure Java for Mac OS X 10.4 or later, see this tip:
Some automatic software updates via the System Preferences may interrupt your work.
Be careful only to run them after your data is backed up. Make note of the said update, and check an internet search engine
for that update later if you find it becomes essential for your work, and make sure the update does not present other compatibility
issues for your software or hardware.
6. Check for viruses on Microsoft office documents before opening them as attachments to the Office application, or use an Office program that doesn't support Microsoft's macros, unless you absolutely need someone's macros. Neooffice, Openoffice, Google Docs, Zoho Docs, and Libreoffice don't support the macros, but support most everything else.
7. Be wary of any .app suffixed attachments or .scpt suffix attachments. .app is most commonly used for
Apple applications, and .scpt are most commonly used for Applescript.
8. Do not open attachments from the Finder, unless you verify the application that can read them can open them directly. A .JPEG could in theory masquerade as an Applescript, but it won't behave as one if you tried to use Preview to open it, as Preview can open the real JPEGs as JPEGs.
Normally opening attachments wouldn't be a problem, since Macs are still seen as the small minority of computers, and Windows is a far greater target.
The question of whether or not Apple provides its own free anti-virus software has come up. That I have yet to see.
9. Bluetooth phones can act like a remote control for Macs. If you use your phone, and try to access some Bluetooth function with it, it may inadvertantly access your computer trying to act like a control of some sort. Disable or unpair Bluetooth from phones except when you need to make a synchronization.
Pair to keyboards and mice only when you are in the same room with the keyboard and mouse.