Maybe you were once advised to “look for the padlock” as a means of telling legitimate e-commerce sites from phishing or malware traps. Unfortunately, this has never been more useless advice. New research indicates that half of all phishing scams are now hosted on Web sites whose Internet address includes the padlock and begins with “https://”.

Source: Half of all Phishing Sites Now Have the Padlock — Krebs on Security

When computer networks began, everyone knew everyone and they trusted the people on the internet to not snoop. Well, that has long passed, so technologies such as SSL have been created to secure your traffic on the internet. This is what the green padlock means, your traffic to the visited website is encrypted and cannot be viewed by anyone except for the website. By default, SSL does not verify the site’s authenticity.

If you are putting any sensitive information into a site, verify the site domain name and make sure you are on the site you think you are. Don’t just rely on the green padlock.