It can actually happen on many levels, with public wifi probably being the most straight forward. Unsecured or WEP-based wifi are straight forward to exploit, with WPA-based wifi being very difficult, but still possible.
Using a VPN connection through a public wifi I would imagine might help prevent safe-guard yourself. Really, just clearing your cookies before using public wifi and not accessing secure sites while connected to it should help, i think.
DSL/Cable connections are also vulnerable, but a special modified modem would be needed in that case.
Also, virtually any man-in-the-middle attack could would work -- so a compromised proxy for example would do it.