diff --git a/public/language/en-GB/error.json b/public/language/en-GB/error.json
index c12630d35b..6273948383 100644
--- a/public/language/en-GB/error.json
+++ b/public/language/en-GB/error.json
@@ -213,6 +213,7 @@
 "custom-user-field-select-value-invalid": "Custom field selected option is invalid, %1",
 "custom-user-field-invalid-link": "Custom field link is invalid, %1",
 "custom-user-field-invalid-number": "Custom field number is invalid, %1",
+ "invalid-custom-user-field": "Invalid custom user field, \"%1\" is already used by NodeBB",
 "post-already-flagged": "You have already flagged this post",
 "user-already-flagged": "You have already flagged this user",
 "post-flagged-too-many-times": "This post has been flagged by others already",
diff --git a/public/src/admin/manage/users/custom-fields.js b/public/src/admin/manage/users/custom-fields.js
index d558e5fcb7..f4b13a7c14 100644
--- a/public/src/admin/manage/users/custom-fields.js
+++ b/public/src/admin/manage/users/custom-fields.js
@@ -37,7 +37,7 @@ define('admin/manage/user/custom-fields', [
 });
 socket.emit('admin.user.saveCustomFields', fields, function (err) {
 if (err) {
- alerts.error(err);
+ return alerts.error(err);
 }
 alerts.success('[[admin/manage/user-custom-fields:custom-fields-saved]]');
 });
diff --git a/src/socket.io/admin/user.js b/src/socket.io/admin/user.js
index ee2215e4ec..15a4963962 100644
--- a/src/socket.io/admin/user.js
+++ b/src/socket.io/admin/user.js
@@ -189,6 +189,12 @@ User.exportUsersCSV = async function (socket, data) {
 };
 User.saveCustomFields = async function (socket, fields) {
+ const userFields = user.getUserFieldWhitelist();
+ for (const field of fields) {
+ if (userFields.includes(field.key) || userFields.includes(field.key.toLowerCase())) {
+ throw new Error(`[[error:invalid-custom-user-field, ${field.key}]]`);
+ }
+ }
 const keys = await db.getSortedSetRange('user-custom-fields', 0, -1);
 await db.delete('user-custom-fields');
 await db.deleteAll(keys.map(k => `user-custom-field:${k}`));
diff --git a/src/user/data.js b/src/user/data.js
index d86a099dfd..06caba76b0 100644
--- a/src/user/data.js
+++ b/src/user/data.js
@@ -52,6 +52,10 @@ module.exports = function (User) {
 customFieldWhiteList = await db.getSortedSetRange('user-custom-fields', 0, -1);
 };
+ User.getUserFieldWhitelist = function () {
+ return fieldWhitelist.slice();
+ };
+
 User.getUsersFields = async function (uids, fields) {
 if (!Array.isArray(uids) || !uids.length) {
 return [];
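Review bot: The reserved-key check added at the top of User.saveCustomFields compares `field.key` only against the list returned by `user.getUserFieldWhitelist()`, whose contents are not visible in this diff; if that list holds just the fields meant to be readable, internal user-object fields deliberately kept out of it would still be accepted as custom field keys, so an explicit reserved-key list may be needed alongside it. The loop also calls `field.key.toLowerCase()` without checking that `fields` is an array or that each `key` is a string, so a malformed payload fails with a TypeError instead of a translated error; a guard such as `if (!Array.isArray(fields) || !fields.every(f => f && typeof f.key === 'string')) { throw new Error('[[error:invalid-data]]'); }` ahead of the loop would cover it. Only the submitted key is lowercased, so a mixed-case entry in the list matches on exact case only. The function body continues past the end of the hunk.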
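Review bot: User.getUserFieldWhitelist in src/user/data.js is added without a comment saying which fields it covers, and the neighbouring `customFieldWhiteList` makes that easy to misread. As far as the hunk shows it returns a copy of `fieldWhitelist` only, so I would add `// Returns a copy of fieldWhitelist so callers cannot mutate the module's list; customFieldWhiteList is not included.` above it. Whether fields contributed elsewhere (for example by plugins) ever end up in `fieldWhitelist` is not visible here and is worth confirming, since src/socket.io/admin/user.js now relies on this list to reject reserved keys.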