Talking about wrong impression, most people also don't know CloudFlare (which used by this forum) decrypt HTTPS traffic. They need to trust CloudFlare not to log and misuse their data.
Lol. Good luck with that:
Cloudflare can see your unencrypted password when you log in. It's still encrypted from the real server to Cloudflare and from Cloudflare to you. So it's not blatantly insecure except in that Cloudflare is very probably an NSA honeypot, and it's not like the NSA is going to steal your password in order to scam people on bitcointalk.org or anything.
And i never say i trust CloudFlare when it comes down to data collection. Especially when they have history of running Honeypot.
That doesn't make scraping a bad idea, it makes posting private data a bad idea. People should really not post stuff on the internet if they want it to be private.
an accident can always happen, especially confusion when copying/pasting an address vs. a private key. once in a thousand times, but it happens.
Fortunately some wallet ask password when user wish to see/copy private information (private key, word seed, etc.) which significantly reduce the mistake.