Originally posted on TCAT Shelbyville - Technical Blog:
In many hotspots today, malicious people can run their computers or droids in adhoc mode allowing your computer to connect to them while unknowingly to you; they have malicious intent. How is this done? By running their computer in adhoc mode and with them being connected by a second wireless card or on their 3G network, their computer broadcast an SSID that you trust. After you connect, the malicious user begins to run ettercap, etherreal, wireshark or other packet capturing software and may even begin to try to break into your computer. This process runs your network traffic through their computer.
There is no true protection against this other than being aware of who / what you connect to, use https when surfing and to use something like HotSpot Shield.