Intego thinks that 2011 was a very bad year for Mac security:
2011“was the most active year for Mac malware since the release of Mac OS X.” Much of the stepped-up activity can be blamed on the emergence of MAC Defender malware and the Flashback program that masqueraded as an Adobe Flash installer. Intego estimated that “ several hundred thousand Mac users” were affected by the year’s “bumper crop” of malware.
I called bullshit on this a year in advance, and I call bullshit on this now. Sure, there are always possible attacks: I can write an AppleScript application that will fool you into giving up a password, then erase your hard drive. That would take me 10 minutes. But “several hundred thousand people” is a small percentage of all Mac users (even smaller now than in 2010), and frankly, you have to be fairly self-selecting to trip across many of the extant malware. It might be out there, but it’s no so much “in the wild” as it is festering in a swamp on the outskirts.