Establishing a secure connection requires a few things
1) some foundation of trust. Your computer's root security certificates try to provide that, so you know when you first connect to a site that it is in fact the site you are trying to connect to. Google "key-signing parties" for other better alternatives.
2) security of the platform on both ends (basically means that while the data is unprotected on your end or on their end, the system accessing the data isn't compromised)
3) strong cryptography armoring the data as it travels across untrusted networks
Unless the business you are trying to connect to has had their SSL certificate compromised, or your computer has had its system key store compromised, a DNS attack shouldn't go unnoticed. At the very least you should see a warning about the site's certificate not being verified. But this is just for data privacy. If you're worried about browsing history, bouncing off a full-on VPN is the only way to even get off to a good start.
