diff --git a/app/controllers/email_checker_controller.rb b/app/controllers/email_checker_controller.rb
index 48926a52b..29e9e1230 100644
--- a/app/controllers/email_checker_controller.rb
+++ b/app/controllers/email_checker_controller.rb
@@ -2,6 +2,6 @@
 
 class EmailCheckerController < ApplicationController
   def show
-    render json: EmailChecker.check(email: params[:email])
+    render json: EmailChecker.check(email: params.permit(:email)[:email])
   end
 end
diff --git a/spec/controllers/email_checker_controller_spec.rb b/spec/controllers/email_checker_controller_spec.rb
index ed5732ea2..ce366ec67 100644
--- a/spec/controllers/email_checker_controller_spec.rb
+++ b/spec/controllers/email_checker_controller_spec.rb
@@ -45,5 +45,13 @@ describe EmailCheckerController, type: :controller do
         expect(body).to eq({ success: false })
       end
     end
+
+    context 'malformed' do
+      let(:params) { { email: { some: 'hash' } } }
+      it do
+        expect(response).to have_http_status(:success)
+        expect(body).to eq({ success: false })
+      end
+    end
   end
 end