Never, ever let down your scam, spam, online insecurity antenna. If the website says “http” or “not secure,” believe it. It is not secure.
Never, ever enter personal info into a website that does not have https and that little padlock on it.
Websites and businesses can have many other hackable vulnerabilities, to be sure, but at the bare minimum do your own due diligence:
** Use only https sites and get in the habit of looking at that URL secure padlock field before anywhere else. (That's the box at the top of the website where the site's address appears.) (URL = Uniform Resource Locator)
With all the new Covid-19 websites popping up, not to mention all the pre-Covid websites, there are plenty of insecure websites asking for your name, number, and credit card info. Yikes.