WIRED wrote: “A MASSIVE EFFORT to encrypt web traffic over the last few years has made green padlocks and “https” addresses increasingly common; more than half the web now uses internet encryption protocols to keep data protected from prying eyes as it travels back and forth between sites and browsers. But as with any sweeping reform, the progress also comes with some new opportunities for fraud.
And phishers are loving HTTPS…

https://blog.knowbe4.com/phishing-schemes-are-using-encrypted-sites-to-seem-legit