I read something quite alarming today on Matt Garrets blog with regards to Gmail

It transpires that gmail is accessed via http instead of https (secure encrypted) as a default, so my advice to you is, if you use Gmail,  take a moment to go in to your “Settings” (from the top right hand side of the page when you’re logged in) and then scroll down the page to the bottom to find the option to change ¨to logon via https¨ as a default.

It will only take a moment or two to do this and you could save yourself a lot of headaches !