This month in the Atlantic, Fallows recounts the hacking of his wife's Gmail account and the way Google dealt with it.
Everyone in her address book got one of those "I was mugged while in Madrid, please send money" messages and all of her email was deleted. After the account was restored, Fallows visited Google and interviewed security folks there. Here is one quote from the article:
At Google I asked Byrant Gehring, of Gmail’s consumer-operations team, how often attacks occur. "Probably in the low thousands," he said. "Per month?," I asked. "No, per day."That should get your attention.
I recommend this article -- it is a harrowing story with some practical tips.
It is also a good introduction to James Fallows. If you have not read him, you should.