diff --git a/app/controllers/unsubscription_controller.rb b/app/controllers/unsubscription_controller.rb
index 014ce94..cc9560f 100644
--- a/app/controllers/unsubscription_controller.rb
+++ b/app/controllers/unsubscription_controller.rb
@@ -2,9 +2,12 @@
 
 class UnsubscriptionController < ApplicationController
   before_action :set_email_message, :set_account
+  before_action :require_email_message
 
   def show; end
 
+  def invalid_token; end
+
   def destroy
     raise 'cannot find subscription for unsubscription' if @email_message.subscription.blank?
 
@@ -19,4 +22,10 @@ def destroy
   def set_email_message
     @email_message = EmailMessage.find_by(unsubscribe_token: params[:token])
   end
+
+  def require_email_message
+    return if @email_message.present?
+
+    render :invalid_token, status: :not_found
+  end
 end
diff --git a/app/views/unsubscription/invalid_token.html.erb b/app/views/unsubscription/invalid_token.html.erb
new file mode 100644
index 0000000..51be733
--- /dev/null
+++ b/app/views/unsubscription/invalid_token.html.erb
@@ -0,0 +1,14 @@
+<% title 'Invalid Link' %>
+
+<div class="container flex flex-col items-center justify-center h-screen">
+  <div class="w-full prose text-center max-w-none">
+    <h1 class="dashboard-title">
+      This unsubscribe link is invalid
+    </h1>
+    <p class="text-gray-600">
+      The link you followed may have expired or already been used.
+      If you're still receiving unwanted emails, please use the unsubscribe link
+      from your most recent message.
+    </p>
+  </div>
+</div>
