Browsers will flag a secure web page (HTTPS) as insecure if it fetched content from an insecure (HTTP) source; read more here. In webmail the most likely cause is an inline image in a message sourced over HTTP; note by default webmail is set to not show such image without user confirmation. As you have found, navigating away from such a message and refreshing the web page (Ctrl + R) will restore the secured state status. Solution to resolve this issue is to ask whoever is sending you inline image content to consider doing so over HTTPS.

-- 
I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more
Have I helped? Click Mark as Helpful Answer and solved, or use  Kudos to say thanks