A lot of it is common sense - things like using an authenticator (which also gets you a nifty Corehound pet), not giving your account name/password to anyone (even if they say they're a Blizzard employee), and keeping up-to-date browser software and anti-virus on your computer. It never hurts to reiterate these things, though; many accounts get compromised every day through not observing these rules.
It also contains a list of "safe, official Blizzard Entertainment domains," which are the only domains you should ever enter your Battle.net login/password on. That list is Blizzard.com, Battle.net, WorldOfWarcraft.com, WoWArmory.com, Starcraft2.com, and Diablo3.com (though I imagine it'll get expanded whenever they announce their new MMO).
Give the site a quick read if you're feeling unclear on WoW security principles, and more importantly, recommend it to your less-informed friends. Only you can prevent WoW account theft.