1. Always check the URL before logging in: Fake login pages are a problem with any site that hosts sensitive information. Even Craigslist was having this problem just last month. Tread carefully before you log in.
2. Avoid checking emails at public places: You never know what sort of spyware has been installed on someone else’s machine.
3. Create a secondary email account: If you absolutely must login to your email account on a machine other than your own, create a secondary email account (with different login credentials, of course) and forward a copy of all emails from your original account to the secondary. This way, if you get hacked, your original account should remain uncompromised.
4. If you are able, regularly check the IP of the last login: This is a nice Gmail feature, and is offered by some other webmail email providers as well. If you don’t recognize the IP that last logged in to your account especially if it comes up often you may have been hacked.
5. Check for bad filters: If your email service allows custom filters, there is always the possibility that one of them could be forwarding your messages to someone else. Regularly check your filters to see if there are any that you don’t recognize.
6. Don’t click on suspicious links
7. Choose a strong alphanumeric password: Some services don’t allow capitals or special characters in your password avoid these services if you can. Use of funky characters is a great way to increase password strength.