Google did a terrible thing there, they pushed SSL and now getting a certificate is easier than ever, you can even get it for free. https does not guarantee anything, maybe just that the scammer is more skilled than others. I have just seen a webpage, where you pay with a credit card entering card details on https, but within the same webpage, sending your card info to the webpage itself, not to the bank or any other trusted payment entity, rendering the whole SSL pointless.
@imdb -- thanks for quoting me out of context. Not! Ah yes -- a poll sponsored by Google, the purveyor of Chrome (high on the list of the world's least private browsers), partnered with Harris Poll, the outfit that persisted in declaring a Hillary Clinton victory right up to & including election day. In fact, Mark Penn (Chairman of Harris Poll) was pollster & chief strategist to Hillary Clinton's failed campaign for president. So the gospel according to Google is now being cited by the elitists to prove that almost everyone (except them, of course) is a clueless doofus? Okay, if someone wishes to endorse Google's gospel in order to join their elitist club, just ignore and ignore and ignore and ignore and ignore and ignore (ad infinitum). Doing so will make it easier to believe that a poll initiated by Google is the gospel truth because Google is a totally altruistic, ethical, honest organization with NO axe to grind and NO profit motive (or CYA) behind anything & everything they initiate & say & do. NOT! The poll's sample structure is not a statistically valid basis for this thread's broadsweeping headline saying, "People on the internet have NO IDEA how bad they are at online security" (I capitalized "no idea" for emphasis). There are many aspects relative to security on the internet (examples: avoid phishing, porn, dark web, crack-sites; use MBAE or HMP.A; keep security apps & browsers up-dated; etc.). HTTPS is only one of the many aspects of internet-security -- a sample size of merely ONE! Gooooood grief!!! If someone were asiduous about HTTPS but lax in other security aspects, that would not make him a safe surfer by any means. @TairikuOkami - interesting comment; useful information