Allow me to shoot a scare tactics your way since scare tactics appear to be what compels some people to take fix wordpress malware cleanup a bit more seriously, or at the very least start thinking about the issue.
Also, don't make the mistake of thinking that your web host will have your back as far as WordPress copies go. Not always. It has been my experience that the hosting company may or might not be doing proper backups, while they say they do. reference Take that kind of chance?
So what is? Out of all of the options you can make, which one should you choose and which one is ideal for you specifically right now?
BACK UP your site and keep a copy on your own computer and off-site storage. Back if you have a website that is very active. You spend a whole lot of money and time on your website, do not skip this! Is BackupBuddy, no additional plug-ins back up plugins, widgets, your files and database. Need to move your website this will do it!
Implementing all the above will take less than an hour to finish, while creating your WordPress site more immune to intrusions. Over 1 million WordPress websites were cracked last year, mainly due to easily preventable safety gaps. Have yourself prepared and you're likely to be on the safe side.