This is indeed a very basic check. Applications must transmit user credentials and all sensitive data strictly over the secured HTTPS protocol. If the application uses HTTP to transmit user credentials and data, it is vulnerable to eavesdropping. We can quickly check if the website is using HTTP or HTTPS by inspecting the URL bar as shown in the following screenshot:

Further we can also check the certificate details to sure HTTPS implementation as shown in the following image: