"Last August, security researcher and CEO of Errata Security Robert Graham demonstrated just how easy it could be access potentially serious user information. His technique (nicknamed sidejacking), intercepts session ID cookies from the WiFi signal and used for a number of purposes, including sending and receiving e-mail. This type of attack takes place after the end-user has securely logged on to a service. Virtually all companies provide a secure login portal, but many do not secure the connection thereafter, which exposes the end-user to potential hacking as described above. During his demonstration at the time, Graham said that Google Mail users could switch to https://mail.google.com and secure their session from such snooping—but he's now backed away from and qualified that statement."
Check out the full article here.