Some 46% of leading global websites have been found vulnerable to existing online security threats, according to Online Trust Allianceâ€™s (OTA) annualÂ audit of nearly 1,000 sites including leading banks, retailers, social, media, news, government and IoT sites.
Nearly half of the Top 1,000 websites donâ€™t adequately protect consumers from phishing and other social engineering threats and have insufficient privacy policies and poor disclosure notices, in comparison to last yearâ€™s 30%.
Internet of Things and media sites fare worst, with fail rates over 75%, while Twitter scores as most trustworthy. From the top 50 Internet of Things device makers, focused on wearable technologies and connected home products, 76% failed the assessment, while only 20% scored high enough to qualify for OTAâ€™s Online Trust Honor Roll. News mediasites received the lowest scores, with an 80 percent fail rate. These sectors fared poorly primarily due to inadequate privacy policies and a lack of domain and consumer protection standards, the audit shows.
â€œThe results of this audit serve as a wake-up call to Internet of Things companies who are handling highly sensitive, dynamic and personal data,â€ said Craig Spiezle, Executive Director and President of OTA. â€œIn rushing their products to market without first addressing critical data management and privacy practices, they are putting consumers at risk and inviting regulatory oversight.â€
USAA Federal Savings Bank, The Federal Deposit Insurance Corporation (FDIC), Dropcam, Bloomberg Businessweek and American Greetings Interactive scored highest in their industries.
â€œThese highly public failures and vulnerabilities have a negative impact on consumer trust. Left unchecked and without a commitment to meaningful self-regulation and enforceable codes of conduct, the reputation of brands and the health of the internet is at risk,â€ the authors of the study said.
OTA is a nonprofit organization that completed comprehensive audits analyzing more than 1,000 domains and privacy policies, including approximately 100,000 web pages and more than 500 million emails for this report.