...
This cannot only happen with web servers, but also with mail servers. If your mail client connects to your mail server, it will send your personal credentials to the server to authenticate and exchange your personal email with it. But if it's not the correct server but a fake server, all clients connecting to that server will inadvertently reveal the users login data to the fake server!
Not only will this expose all emails currently stored on the server, it also enables the attacker to continue to spy out your email until the password is eventually changed.
...