I was checking out hotel websites for reservations this weekend and noticed hotel giants Hilton and Choice websites are being reported to have valid but insecure SSL.
For Choice, chrome is reporting that attackers might be able to see the images you are looking at on this site and trick you by modifying them. The same message is on their signup and reservation pages.
For Hilton, chrome flat out says you should not enter any sensitive information on this site (for example passwords or credit cards) because it could be stolen by attackers. This is also reported on their signup and reservation pages.
Is there any other way a consumer could securely use these sites or is the best bet to stop doing business with them until they improve their site security?
Update
Since this post, Choice hotel site has been updated.
Here is a pic of the Hilton sign-up page showing insecure. Sign-in and room registration pages are also now showing secure.