diff --git a/profile.php b/profile.php
index 47c100aef5fe46f44c1072e0248bc47058f9f047..db501ced39718803bc83db75139159b9f3a82915 100644
--- a/profile.php
+++ b/profile.php
@@ -19,6 +19,12 @@
 require 'secure.inc.php';
 
 require_once 'class.user.php';
+
+// Check if User is Guest. If so, redirect them back to ticket page to
+// prevent Account Takeover.
+if ($thisclient->isGuest())
+    Http::redirect('tickets.php');
+
 $user = User::lookup($thisclient->getId());
 
 if ($user && $_POST) {
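Review bot: The new guest check at `if ($thisclient->isGuest())` only protects the profile update below if `Http::redirect()` ends the request, and nothing in this hunk shows that it does. If the helper merely emits a Location header and returns, a guest session would still reach `User::lookup()` and the `$_POST` branch, so the takeover path named in the comment would remain open. I would make termination explicit, e.g. `if ($thisclient->isGuest()) { Http::redirect('tickets.php'); exit; }`, or state in the comment that the helper exits. The `if ($user && $_POST)` block continues outside the hunk, so whether it performs its own authorization check cannot be judged from here.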