Slashdot

No there is need. Under Linux a non privileged software has only access to high-level network access, such as opening a regular connection. There's no low-level access to network (crafting the data packets as wished) for non privileged software.

Thus a potential running virus, *COULD* connect to its C&C if it receives its orders from an IRC channel.
But the virus won't be able to create spoofed packets (used for sophisticated bounces and DDOS) or specially crafted packets to exploit flaws on the target system.
Whereas under Windows, non-privileged applications CAN craft packets, and users run as administrators anyway.

A non privileged process CAN download Ads from the internet, but it will have a harder time injecting them into the browser window.
An admin-privileged process in Windows could hijack the network stack and rewrite HTML on the fly inserting pop-ups and ads.
Under a non-privileged account in Linux, it can't. The virus will need instead to be able to rewrite the configuration of all gazillion of browser that exist in Linux, either injecting a spyware plugin or rerouting the traffic through a proxy process spawned by the virus. Anyway, the absence of a single point of attack, and the lack of monoculture make Linux a more complicated target.

Also, few user-friendly type distros (Ubuntu and the like) come with a sendmail (or equivalent) configured out-of-the-box for internet message delivery. Usually it's only configured to deliver alerts to the local user account.
A potential operational Spam bot would either have to send directly the spam to the internet and both hope that the network isn't configured to reject email not going out through the SMTP server and hope that the infected machine doesn't sit on a dynamic IP which will automatically get discarded on the receiving machine.
Or the potential Spam Bot will need additional complexity to retrieve the user's SMTP configuration, which will be difficult, both because there's a gazillion of different mail clients under linux, and both because several of them password-encrypt the credential (Thunderbird can do it and all KDE software store their passwords in KWallet which is masterpassword-encrypted by default).
This is security by diversity, and why it's good to avoid monocultures.
This is opposed to Windows, where most users have outlook express, which lacks the ability to encrypt the credentials.

Under Linux, it takes several step to execute code downloaded from a browser, as a reference, see the HOWTOs about downloading the latest GPU drivers straigth from the constructor site instead of using whatever is the regular package management/delivery mechanism used by the distro (you have to manually chmod it "executable". Clicking on it usually opens an editor).
And that's neglecting that it is possible to "noexec" the whole home, in which case it's not even possible to *run* code from ~.
So even if he wanted to, a linux user can't just click on "NataliePortmanNaked.sh" and execute it (unless its a regular package inside Synaptic or YaST, of course) whereas a Windows user can click on "PetrifiedWithHotGrits.exe".

Also, downloading software from random websites isn't as common in Linux as in Windows. Mostly only geeks download software for Linux and usually they download it in (controllable) source form, where anomalies could more easily get spotted.
The regular user will employ the package management system for the distro to get the needed package from the regular repository instead, as because of the diversity of Linux distros, he'll need a custom compiled packagee for the present distro,
ie.: Windows wanting kitten-powered screensaver will google around to find a page proposing some spyware infested screensaver. Anyone can download, but you *need* to be computer-literate and careful about your source to *avoid* getting undesired stuff.

The Linux users will browser Synaptic and download the package "omg-lol-ponie