This article is part of the Protecting WordPress index, but can be generally applied to your account and security practices!
The most important factor in defending your account from malware is to monitor for it every day so that you are immediately aware when issues arise. There are many ways to do this manually, but some third party services can help you automate some of this task.
http://www.sitelock.com/ SiteLock offers malware scanning each day and immediately notifies you of any validated issues. Other useful tools are included to help you defend your account as well.
http://sucuri.net/introducing-server-side-scanning.html Sucuri dives in to scan your account as well, helping you to find any backdoors or easy entry points for hackers so that you can patch them and close them.
You don't need both (or other scanners available out there) all at the same time, but review your options and use a service that best suits your experience, ability, and needs.
Never fail to do something about it. The tools above will help you resolve the issues that come up, but you still need to take action whenever an issue arises. Having all the scanners in the world may not help if you fail to take action. Scanners help you to be proactive in taking care of possible infections, yet they do rely on you to stay involved and active in the process.