diff --git a/github/github.go b/github/github.go
index 11b5351..a382049 100644
--- a/github/github.go
+++ b/github/github.go
@@ -20,6 +20,7 @@ var (
 ErrEventNotFound = errors.New("event not defined to be parsed")
 ErrParsingPayload = errors.New("error parsing payload")
 ErrHMACVerificationFailed = errors.New("HMAC verification failed")
+ ErrWrongHubSignatureHeader = errors.New("Invalid Github signature")
 )
 
 // Event defines a GitHub hook event type
@@ -163,6 +164,9 @@ func (hook Webhook) Parse(r *http.Request, events ...Event) (interface{}, error)
 if len(signature) == 0 {
 return nil, ErrMissingHubSignatureHeader
 }
+ if len(signature) < 6 {
+ return nil, ErrWrongHubSignatureHeader
+ }
 mac := hmac.New(sha1.New, []byte(hook.secret))
 _, _ = mac.Write(payload)
 expectedMAC := hex.EncodeToString(mac.Sum(nil))
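Review bot: The new error string `"Invalid Github signature"` is capitalized and does not name the header, unlike the lowercase messages of the sibling errors in this block; `errors.New("invalid X-Hub-Signature header")` would match them and Go's error-string convention. ErrWrongHubSignatureHeader also has no doc comment saying it is returned for a malformed (too short) header rather than a failed HMAC check, a distinction callers need when mapping errors to HTTP status codes or log alerts. The var block starts outside the hunk, so the other declarations were not reviewed.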
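Review bot: The added guard `if len(signature) < 6` tests only the length and leaves the 6 unexplained, so a header with any other prefix still goes on to the HMAC computation. Presumably the comparison below the hunk strips a `sha1=` prefix; if so, checking the shape explicitly documents the intent and rejects malformed headers early: `if !strings.HasPrefix(signature, "sha1=") || len(signature) != len("sha1=")+2*sha1.Size {`. That needs the `strings` import if the file lacks it; at minimum add a comment such as `// header must be "sha1=" followed by the hex digest`. Parse starts before and continues past this hunk, so confirm the final comparison still uses the constant-time `hmac.Equal`.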