In fact, the web is more secure than it was just a year ago.
That's because more websites are finally using encrypted connections, according to Google's transparency report. More than half of the pages loaded by Google's Chrome desktop browser on the web now use HTTPS -- and two-thirds of total time is spent on encrypted websites.
Sites that use HTTPS -- compared to HTTP -- let you securely pay for things online, check your bank account, and view and share sensitive data. To do so, it encrypts communications between the browser and web server, so information is protected against hackers or eavesdroppers.
You can tell when you're on a secure website by seeing "HTTPS" and a padlock in your browser's address bar.
"A web with ubiquitous HTTPS is not the distant future," Chrome security engineers wrote in a blog post on Thursday. "It's happening now, with secure browsing becoming standard for users of Chrome."
Google (GOOGL, Tech30) began collecting Chrome browsing data in April 2015 when it discovered less than half of pages people viewed were secure. Meanwhile, about 60% of web traffic using Chrome on a Mac currently accesses encrypted sites, compared to 51% on Windows and 43% on Android. Google didn't report iOS traffic.
But there's still a long way to go: Of the top 100 non-Google websites globally, just 34 have HTTPS by default.
Eventually Google hopes it will become standard. To achieve ubiquity, the company will start naming and shaming sites that don't use it.
Starting in January, Chrome will mark sites that use HTTP connections as "not secure." It will begin by looking at sites that collect passwords or credit cards, eventually calling out all insecure sites on the web.
As privacy concerns loom, experts advise to make sure a website uses HTTPS before you enter a password or personal information.