diff --git a/app/controllers/admin/email_controller.rb b/app/controllers/admin/email_controller.rb
index 24155460052..148b364dc00 100644
--- a/app/controllers/admin/email_controller.rb
+++ b/app/controllers/admin/email_controller.rb
@@ -89,6 +89,8 @@ class Admin::EmailController < Admin::AdminController
     params.require(:last_seen_at)
     params.require(:username)
     user = User.find_by_username(params[:username])
+    raise Discourse::InvalidParameters unless user
+
     renderer = Email::Renderer.new(UserNotifications.digest(user, since: params[:last_seen_at]))
     render json: MultiJson.dump(html_content: renderer.html, text_content: renderer.text)
   end
diff --git a/spec/requests/admin/email_controller_spec.rb b/spec/requests/admin/email_controller_spec.rb
index 97cdef075c4..3ff6bedca4d 100644
--- a/spec/requests/admin/email_controller_spec.rb
+++ b/spec/requests/admin/email_controller_spec.rb
@@ -175,6 +175,14 @@ describe Admin::EmailController do
       expect(response.status).to eq(400)
     end
 
+    it "returns the right response when username is invalid" do
+      get "/admin/email/preview-digest.json", params: {
+        last_seen_at: 1.week.ago, username: "somerandomeusername"
+      }
+
+      expect(response.status).to eq(400)
+    end
+
     it "previews the digest" do
       get "/admin/email/preview-digest.json", params: {
         last_seen_at: 1.week.ago, username: admin.username