There are exploits circulating to hack into GMail accounts via an unpatched security hole that Google says they do not intend to fix.
The attack is via session-riding, a CSRF (pronounce “sea surf”) class attack.
One can complain all you want to, but remember, sometimes you get what you pay for: gmail is free.
(You also need to understand that even if no one else reads your email at GMail, Google does.)
The risk of course is that you might have confidential content in your email or other stored documents; not to mention contacts who have trusted you (whether they thought about that or not) not to put their email address into the hands of spammers.
Those that will exploit these security holes in Google GMail accounts will certainly do so for profit, not just for fun.
Here is Google’s explanation of how to read your emails securely:
http://gmailblog.blogspot.com/2008/07/making-security-easier.html
This attack, and Google’s preference not to fix it, is another underscore to the need to surf safely. One way of helping secure your web surfing, especially if you use open WiFi, is GoTrusted secure surfing service. You can get a free trial here.
