I think it's important to add - or remember - that sites using SSL / TLS encryption are not always "legit" or "secure" because the connection is encrypted.
A malicious site, scam site, etc .. can use SSL / TLS certificates too. It's pretty easy now with a lot of services offering free certificates. I'm sure a lot of scam sites or phishing sites exposed here had SSL / TLS encryption enabled.
I see a lot of people on Internet thinking "Hey, there is a green padlock symbol, so it's safe to enter some personal info". It's not. You are wrong. It only means that the transmission is encrypted. But if the guy behind the site is malicious, then you are fucked as well.
Yes I know about it. I think you may not read it but I still give warning about websites that are HTTPS. Anyway, I'll edit the op to add some information. I make it into bold stating that this will help us very careful even if it's HTTPS websites and the reason why is what you have stated.
Yes, I saw your warning but not the reason why

Or may be you were thinking about another reason too.
Anyway, thank you for the edit. It's appreciable someone taking care of his topic instead of only posting a message an never coming back.
Unfortunately, there are a lot of situation like this here :/ So thank you OP
