According to the latest Netcraft SSL Survey, Extended Validation SSL certificates still only account for 2.3% of all valid third party certificates analyzed by the company. The steady, but slow adoption is attributed to both, pricing and site verification concerns. The survey finds that extended validation SSL certificates are most prevalent on high traffic or financial web sites, and are used to further establish a trusted relationship between the web site and the visitor.
Restricting the survey's sample to the busiest 1,000 websites in the world, 81 sites accepted HTTPS connections and presented a valid SSL certificate. Nearly a third of these certificates used Extended Validation – a far higher proportion than the 2.3% share of all certificates.
Although the ubiquitous green indicator is in fact often cited as the first thing to look for in order to establish a (financial) site's legitimacy, a site using EV SSLs cannot be fully trusted as a compromised portion of it -- say through SQL injection -- may lead to a successful phishing campaign relying on this very same trusted infrastructure.