In a report just released, the OTA says that 56% of US dotGOV web sites and 45% of major e-commerce portals are not using authenticated email.

The unstated conclusion, Infosecurity notes, is that a significant number of companies are open to spoofed and other forms of potentially fraudulent email.

According to the OTA, its study measured 25 US government domains, as well as the top 300 online retailers as measured by sales volume.

The research was carried out during 10 days from April 3 this year and was carried out by examining the public domain name system records of the companies and governmental agencies, as well as more than 20 million emails sent to internet users purporting to come from the legitimate brand and/or domain concerned.

Craig Speizle, the OTA's chairman and founder, says that, amongst the top online retailers, 45% have not adopted email authentication.

"It is incomprehensible that in this period of escalating online scams and diminishing consumer confidence these agencies and businesses continue to sit on the sidelines," he says.

"Best practices not only need to be adopted by business, but also by governmental agencies," he adds.

Spiezle went on to say that, whilst companies increasingly have embraced e-mail authentication over the past year, it has not been enough.

Many organisations and businesses that have failed to use some form of these e-mail authentication standards, including SPF/Sender ID or DomainKeys Identified e-mail, have become victims of forged email and online exploitation, he explained.

The OTA says it will release a list of recommended best practices for online behaviour and email authentication at the upcoming OTA Email Authentication Workshop and Online Trust Town Hall Meeting, both of which are being held on April 23 in San Francisco.