diff --git a/app/controllers/authentication/email/invite_confirmations_controller.rb b/app/controllers/authentication/email/invite_confirmations_controller.rb index 29016d15f..82dc6f6ef 100644 --- a/app/controllers/authentication/email/invite_confirmations_controller.rb +++ b/app/controllers/authentication/email/invite_confirmations_controller.rb @@ -1,6 +1,7 @@ class Authentication::Email::InviteConfirmationsController < ApplicationController before_action :set_invite_token, only: [:new, :create] before_action :set_invite, only: [:new, :create] + before_action :check_valid_invitation, only: [:new] before_action :check_accepted_invitation, only: [:new] helper_method :current_user @@ -28,6 +29,12 @@ def create private + def check_valid_invitation + if @invite.nil? + redirect_to root_path, flash: {error: t("invitation.flash.invalid_or_expired")} + end + end + def check_accepted_invitation redirect_to root_path, notice: t("invitation.flash.already_accepted") if @invite.accepted? end diff --git a/app/controllers/authentication/email/registrations_controller.rb b/app/controllers/authentication/email/registrations_controller.rb index 2b4be8e6e..f1caf17ca 100644 --- a/app/controllers/authentication/email/registrations_controller.rb +++ b/app/controllers/authentication/email/registrations_controller.rb @@ -10,6 +10,13 @@ class Authentication::Email::RegistrationsController < Devise::RegistrationsCont def new if @token.present? + # Check if invite exists and is valid + if @invite.nil? + flash.clear + flash[:alert] = t("invitation.flash.invalid_or_expired") + redirect_to new_email_authentication_session_path and return + end + flash[:notice] = t("invitation.flash.signup_before", org: @invite.organization.name) end diff --git a/config/locales/en.yml b/config/locales/en.yml index c060ded79..d2faf811c 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml 
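Review bot: The new `check_valid_invitation` filter in InviteConfirmationsController is registered with `only: [:new]`, yet `set_invite` also runs for `create`, so a POST with an unknown token can still reach `create` with `@invite` nil. The body of `create` is outside this diff; if it dereferences `@invite`, that request would raise rather than redirect with the friendly message. Consider `before_action :check_valid_invitation, only: [:new, :create]`, kept ahead of `check_accepted_invitation` so `@invite.accepted?` never sees nil.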
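Review bot: `check_valid_invitation` rejects only a nil `@invite`, while the flash key it uses is `invalid_or_expired`. Whether an expired or revoked invite comes back as nil depends on `set_invite`, which this diff does not show. If that lookup does not filter on expiry, an old link would still pass this guard. A comment on the method would record the contract, for example `# @invite is nil when set_invite finds no usable invite for the token; expiry has to be enforced in that lookup`. The same applies to the `if @invite.nil?` branch added to RegistrationsController#new, whose comment says "exists and is valid" although only nil is tested.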
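Review bot: The invalid-invite branch in RegistrationsController#new sets `flash[:alert]`, whereas the matching guard in InviteConfirmationsController passes `flash: {error: ...}`, so the same message is emitted under two different flash keys. Which keys the layouts render is not visible in this diff, so one of the two paths may show the message differently or not at all. After checking the layout, use the same key in both places, e.g. `redirect_to root_path, alert: t("invitation.flash.invalid_or_expired")` in the other controller. `new` continues past the end of this hunk.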
@@ -563,6 +563,7 @@ en:
 accepted: "Invitation was accepted. Please sign in to continue."
 already_accepted: "Invitation was already accepted!"
 failed: "Failed to accept your invitation. Please contact support!"
+ invalid_or_expired: "This invitation link is no longer valid. Please contact the organization admin for a new invitation."
 invite_mailer:
 existing_user:
 subject: "%{sender} invited you to join the %{org} team on Tramline"