Is this suspicion correct? If so, why and how?
Yes, it's called Man-in-the-middle (MITM) attack at it can happen virtually over any communication channel.
Sure you have heard about "evil" polititcians tampering someone's mail? Why did they use seals for messages in ancient times?
Problem is that with advent of Internet age, there is much more to tamper with, and there is much less security even in things that we know and use.
A little example.
Consider this: You walk into a bank to send money using classical statement.
in a known town
on a known street
with lot of people around
you may even know the security guy
you know how the statement is supposed to look like
you may even know the clerk by face and by voice. Even if they are new, you can
comment on that and have their reaction.
Before you even get to touch the paper, there are literally thousands of tera-bytes (well, AFAIK no-one ever measured it, but it would be a huge number) that your brain will get to check for you to make sure you are at the right place, and nothing strange has happened that morning.
Now this tremendous amount of data is in fact public key of the bank: Everyone can get all the data, but for you it only works if you have memories of the place (that's your private key). Your brain (yes, the only machine you can trust, only because you must), does all the decoding and checking for you. Cool.
Now consider a HTML page with a simple name/password form. And a ...how large... 4096 bytes large security certificate. Where are the private keys? To extremely simplify, we could say they are in your OS. And what is the box that is doing the checks for you? Can you look inside?
Welcome to the world of Internet security.
Well, I'm not trying to compare worlds to universes, or say that it's somehow easy to fake a bank's certificate (it is ridiculously easy to do it with the HTML form, though), or that it's easy to get into the middle (well, it's surprisingly easy in most Wi-fi networks). What I'm trying to say is that there has never been less data to fake, and there never have been more "invisible" ways to do it.
What if I were to setup an ssh server and pre-configure all the known hosts and appropriate keys and such. I could then achieve a secure connection over the standard un-secure modem connection? Is this correct?
That's exactly what ssh was made for: doing relatively secure connections over untrusted networks.
However, there are more factors to consider.
OK, provided that your private key or your server haven't been compromised, and provided that you used strong (=long, 4096 bytes) key, and provided that your "enemy" does not have tremendous computing power, provided that your enemy is not listening long enough, provided that they have as little knowledge about your hardware and software as possible ... yes, it's possible to make it very hard to break in.
Remember: Security is not a technology. Security is a mind set.
What are the chances that "bad guys" are "listening" on your average land line telephone connection? Do you think this actually happens?
The chances are probably very hard to guess without knowing technical details of the connection. How many sharks with lasers are around? Is it in the middle of the Sun?
But seriously, I think that while you probably can't guess the evidence, there's another point of view:
Are the powerful guys able to appreciate the value of such option? (I mean, how old are they? Are they already "the Internet generation"?)
Is it (or will it be anytime soon) possible to analyze such data and make benefit from that?
Are the people that, in some sense, must inevitably gather such data just so that their services can work (like: Can't imagine a social network without storing social data) "ethically balanced" enough so that they aren't already selling it? Would we know that?
Welcome to the world of Internet ethics.