In the latest version, 79 of the web browser Google Chrome, Google Chrome has the option to show HTTPS and the WWW subdomain by default hidden in the address bar.
This makes it less easy to see at a glance whether you are accessing a website via a secure connection.
Google also implemented this change in an earlier update last year, but this decision was reversed after criticism. Opponents thought that the intervention made it easier for an attacker with malicious intent to pretend to be the main domain.
Now it appears that the reversal of this measure was only temporary.
In concrete terms, the change means the following.
If the HTTPS prefix and Google’s ‘trivial subdomain’ www are not shown by default in the address bar, a user will not, at first sight, see any difference between, for example, https://www.example.com and https://m.example.com.
In both cases, only example.com is shown, while in theory, both hyperlinks can lead to different pages.
Does one of these pages contain malicious code or other things that are possibly malicious such as malware, a virus you name it? Then it is possible that at first, you don’t realize at all that you are being led to a malicious page.
The solution is straightforward: double-click in the address bar to display the full URL. Then you can see at a glance whether you are accessing a website via a secure https connection.
Data sent over an unencrypted connection can be intercepted by malicious parties.
By the way, you can also click on the lock on the left side of the address bar to see if you are dealing with a secure connection.
You might find these articles useful