Ransomware and general security question

    So, I'm not sure if any of you are aware but a pretty large company, Garmin, have just been attacked with ransomware by Evil Corp.

    https://www.forbes.com/sites/barryco...ay-outage/amp/

    I gather these tw*ts have done the same to many big companies, including Travelex, in the past. I gather the latest attack to Garmin came through a browser update. This begs the question (and whilst I don't suspect/hope I'll ever be on the end of ransomware (they wouldn't get much!!!)) I wonder whether being on a Linux distribution is more secure than a Windows machine, or not? Since the attack appeared via a browser, I'm not too sure.

    This begs the question, what browser plugins are most at risk and ought to be disabled if security is important? I generally use Brave browser (and always use a VPN) but if I want to browse even more securely I use Tor as well as a VPN, but I find Tor rather unfriendly and irritating with the window size and so on. Obviously it's prudent to have individual passwords (I use a password manager and 2-way authentication) etc.

    Any other security advice!?

    Thanks!

    #2
    On the premise that someone will try to get your pennies, or that you will have a hardware failure, or that you just want to update/upgrade something, always start with a good backup of your data.

    In MOST cases, these nefarious acts start with social engineering, phishing, spear-phishing, etc. Be careful what you click on in an email, in your browser, in your mind.
    The next brick house on the left
    Intel i7 11th Gen | 16GB | 1TB | KDE Plasma 5.27.11 | Kubuntu 24.04 | 6.8.0-31-generic





      #3
      I've been using Linux since 1998. I dual booted with Windows from 1998 to 2008, but spent most of my time in Linux writing Qt based code that was compiled on Windows to develop server executables. From 2009 on I've been using Kubuntu exclusively.
      From 1998 till now I have never been infected even once. Except for a short period of time I've always used Firefox.

      Before Kubuntu 16.04 I relied on tar to create sparse backups of my data, which I copied to external HDs and DVDs. Since 16.04 I have been relying on BTRFS snapshots on a regular basis, using send & receive to migrate them to external HDs.

      I'm a small potatoes target, just like you, and the vast majority of EVIL hackers wouldn't waste time on me. The risk to them is many times greater than the rewards they'd get from me, i.e., zero $. I'd laugh at them while I rolled back to my last snapshot and then patch the hole they crawled in through or delete the app containing the hole. At least that's what I'd do IF I ever have to do that.

      I run DD-WRT on my wifi router and use its firewall. I used to run gfw too, but stopped using it several years ago since the wifi firewall is doing a good job. I also disabled apparmor as well several years ago.

      A malware doesn't know your financial status so running Linux is no guarantee that it won't hit your system, but from what I've gathered most malware targets Windows systems because of legacy financial and networking software, and because it is low hanging fruit.

      Executive Summary: Use BTRFS or ZFS as your root file system and make regular snapshots, copying them occasionally to remote HDs. If you get hit, roll back and patch.
      "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people."
      – John F. Kennedy, February 26, 1962.
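
The snapshot-and-send routine described in post #3, as an added example that is not part of the original thread or the poster's own script. The function names, the `/.snapshots` and `/mnt/backup` paths and the snapshot names are assumptions; the script prints the `btrfs` commands instead of running them.

```shell
#!/bin/sh
# Added example: plan a read-only BTRFS snapshot and its transfer to an
# external disk. All paths and snapshot names below are constructed.

# Print the newest snapshot name that exists both locally ($1) and on the
# backup disk ($2). Both arguments are space-separated lists. Names embed an
# ISO date, so lexical order is chronological order.
latest_common() {
    for name in $1; do
        case " $2 " in
            *" $name "*) printf '%s\n' "$name" ;;
        esac
    done | sort | tail -n 1
}

# Print the commands for one backup run.
# $1 subvolume to snapshot   $2 local snapshot directory
# $3 backup disk mount point $4 name for the new snapshot
# $5 local snapshot names    $6 snapshot names already on the backup disk
plan_backup() {
    parent=$(latest_common "$5" "$6")
    # -r makes the snapshot read-only, which "btrfs send" requires.
    printf 'btrfs subvolume snapshot -r %s %s/%s\n' "$1" "$2" "$4"
    printf 'sync\n'
    if [ -n "$parent" ]; then
        # Incremental: "send -p" needs a parent that exists on both sides.
        printf 'btrfs send -p %s/%s %s/%s | btrfs receive %s\n' \
            "$2" "$parent" "$2" "$4" "$3"
    else
        # No shared snapshot yet: send the full subvolume.
        printf 'btrfs send %s/%s | btrfs receive %s\n' "$2" "$4" "$3"
    fi
}

# Constructed state: the disk was not attached for the 2020-07-18 run, so the
# newest snapshot present on both sides is 2020-07-11.
LOCAL_SNAPS="root-2020-07-11 root-2020-07-18"
BACKUP_SNAPS="root-2020-07-11"
plan_backup / /.snapshots /mnt/backup root-2020-07-25 \
    "$LOCAL_SNAPS" "$BACKUP_SNAPS"
```

A snapshot kept only on the same disk can be deleted by anything running as root, so the copy on the external disk is the one that matters after a compromise.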



        #4
        Thanks everyone. It's just interesting and I'm surprised that such huge corporations fall prey to these scammers when it SHOULD be easy to prevent (just don't click on suspicious links, emails etc)?

        I definitely feel more secure, but not immune of course, to viruses by using Linux. I also use a VPN whenever I'm online (including my mobile phone), HTTPS everywhere, I use a password manager so every single password is different, I use 2 way authentication whenever a site offers it and the password to my password manager is 60 totally random characters long and is stored on an OpenOffice spreadsheet which is in an encrypted file container using Veracrypt!

        Not sure what else I can do to be honest.



          #5
          The bad guys have gotten very good at social engineering up to and including blackmail.


            #6
            Indeed, it is quite scary!



              #7
              The weakest security link in Linux begins at the keyboard.
              Last edited by GreyGeek; Jul 25, 2020, 09:32 PM.


                #8
                Yep, and it's totally human ...


                  #9
                  Originally posted by GreyGeek
                  The weakest security link in Linux begins at the keyboard.
                  One assumes you mean the person using the keyboard, not that the keyboard would get hacked?
