diff --git a/spec/vulnerabilities/mass_assignment_spec.rb b/spec/vulnerabilities/mass_assignment_spec.rb
index ab3e3cb..5b40ca0 100644
--- a/spec/vulnerabilities/mass_assignment_spec.rb
+++ b/spec/vulnerabilities/mass_assignment_spec.rb
@@ -33,6 +33,6 @@ feature "mass assignment" do
 
     page.driver.post "/users", params
 
-    expect(User.find_by(email: "hackety@h4x0rs.c0m")).to be_nil
+    expect(User.find_by(email: "hackety@h4x0rs.c0m").admin).to be_falsy
   end
 end