diff --git a/app/Livewire/MobilePricing.php b/app/Livewire/MobilePricing.php
index 4712b21..b90c47e 100644
--- a/app/Livewire/MobilePricing.php
+++ b/app/Livewire/MobilePricing.php
@@ -7,6 +7,7 @@
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Hash;
 use Illuminate\Support\Facades\Log;
+use Illuminate\Support\Facades\Validator;
 use Illuminate\Support\Str;
 use Livewire\Component;
 
@@ -71,6 +72,10 @@ public function createCheckoutSession(string $plan, ?User $user = null)
 
     private function findOrCreateUser(string $email): User
     {
+        Validator::validate(['email' => $email], [
+            'email' => 'required|email|max:255',
+        ]);
+
         return User::firstOrCreate([
             'email' => $email,
         ], [
diff --git a/tests/Feature/MobilePricingTest.php b/tests/Feature/MobilePricingTest.php
index 5deba73..ca11e7b 100644
--- a/tests/Feature/MobilePricingTest.php
+++ b/tests/Feature/MobilePricingTest.php
@@ -60,4 +60,12 @@ public function authenticated_users_do_not_see_purchase_modal_component()
         Livewire::test(MobilePricing::class)
             ->assertDontSeeLivewire('purchase-modal');
     }
+
+    #[Test]
+    public function it_validates_email_before_creating_user()
+    {
+        Livewire::test(MobilePricing::class)
+            ->call('handlePurchaseRequest', ['email' => 'invalid-email'])
+            ->assertHasErrors('email');
+    }
 }