Popular safe browsing padlocks are now passe as a majority of bad guys also use them. 80 percent of phishing sites used SSL certificates in Q2 of 2020, according to the Anti-Phishing Working Group (APWG) report. Attacks ranged from phishing lures pointing to bogus wire-transfer sites, to social-media platforms being pelted with links to shady domains. Attackers are increasingly turning security features against users, wrote PhishLabs, in a recent blog post.
Source: https://threatpost.com/why-web-browser-padlocks-shouldnt-be-trusted/159659/