I found this is really helpful, since most of us are using these great free email accounts on daily basis. Original article was from Digital Inspiration. I recommend you to bookmark this site since it has many great posts on how simple technology know-how helps you securing your internet life. The post is as below:
This is Robert Graham posing with the GMail website open on his laptop.
Rob demonstrated to a live audience how he can successfully hack into web based email programs like GMail, Yahoo Mail! or Hotmail using the IP Address and user name (login) without requiring any password.
Let’s not go in the very technical details but he used some sniffing tools called Ferret (to copy the GMail cookies to his computers) and Hamster (to use the cookies in his browser). [Details at ZDNet, TG Daily]
What can you do to prevent someone else from reading your GMail or Yahoo Mail ?
Rob’s method works when you are using the HTTP mode to access your email (http://www.gmail.com/). Therefore the trick is to always use Secure Login.
Here’s what you can do to safeguard your email in public wi-fi hotspots – use https:// instead of http:// – the entire session will be encrypted and the cloning cookies method will fail:
For basic HTML version of GMail – https://mail.google.com/mail/?ui=html
Alternatively, you can install the CustomizeGoogle extension of Firefox that will always force the SSL mode in GMail incase you forget to manually type the https:// GMail URLs.
Highly recommended also because Customize Google will also encrypt your Google Docs, Google Reader, Google Web History and Google Calendar session incase these Google services share the same cookie with GMail.