Correct.
But even in W.10/11 in many malicious websites with (HTTPS) phishing content (this is not often the case for websites with malware content) the certificate is valid and nothing prevents the browser (at a given initial instant of time) from opening the malicious web page without any problem.
P.S.
In fact, I would be curious to see how your browsers (on W.XP) would treat these web pages,but the test should be done quickly after I put in the phishing link.