Uh, that is not true (it's FUD at best). One of the main purposes of SSL encryption (https) is to prevent man-in-the middle attacks of that and other kinds.
Generally hard to do but the owner of a public wireless access point can in principle conduct MITM attacks on the users. Please *educate yourself* if you are going to use free / cafes access point. Here is a quick demo: [crimemachine.com...]