As its experts discovered NCC Group, there are some high-risk security issues with these bells, including two that are rated "critical" and nine that are rated "high-risk".
Among the security issues discovered were weak password policies, lack of data encryption, and excessive collection of personal information. All of this could expose them personal information of users in malicious factors. Equally worrying though, is that some of these defects they could even allow the physical theft of a bell or make it easier to turn off the device.
The Qihoo 360 Smart Video Doorbell for example, which was available on Amazon, was easy to steal, as criminals could simply pull it off the wall with a standard SIM card extraction tool included in all smartphone.
Two other devices tested by Victure and Ctronics, contained a critical vulnerability that could allow cyber criminals to steal a network password. The password could then be used to hack into other smart devices at home.
The Victor Smart Video Doorbell found sending the name Wi-Fi and the password of the client house on servers in China, without encryption. If they are stolen, these data could allow a hacker to access the home WiFi.
Kate Bevan's Which? "Connected devices, such as smart bells, bring potential benefits and convenience to our lives, but also significant risks if they are manufactured and sold without security checks or monitoring."
"We urge the public to buy smart bells from well-known and trusted tech brands and not names they have never heard before, otherwise it is like inviting hackers into their home."
Matt Lewis, director of research at NCC Group, said: "Our findings could cause problems for consumers and are indicative of a broader culture that favors shortcuts to safety in the manufacturing process."
"However, we hope that the long-awaited legislation on the IoT will mark an important milestone in its security. "Until that is achieved, we must continue to work together to highlight the need for basic safety from design authorities and to educate consumers about the risks and what they can do to protect themselves."
What consumers need to do to be safe
They should not buy unknown brands. They should choose smart devices, only from a reliable and well-known brand.
Check reviews. Although the product may have hundreds or even thousands of good reviews, they should always see the negative ones as well.
Change the password. When they are going to use a new device, they have to change the default password to a more secure one.
Install all updates. These software updates provide vital protection against security threats.
Enable two-factor authentication (2FA). If so, two-factor authentication is a great way to get extra security, as logging in requires a unique password that is sent only to the selected device, usually on the owner's smartphone.