diff --git a/src/wp-includes/user.php b/src/wp-includes/user.php
index 2af846c7b4..48c6e84f4a 100644
--- a/src/wp-includes/user.php
+++ b/src/wp-includes/user.php
@@ -302,7 +302,7 @@ function wp_authenticate_spam_check( $user ) {
 		 * @param bool    $spammed Whether the user is considered a spammer.
 		 * @param WP_User $user    User to check against.
 		 */
-		$spammed = apply_filters( 'check_is_user_spammed', is_user_spammy(), $user );
+		$spammed = apply_filters( 'check_is_user_spammed', is_user_spammy( $user ), $user );
 
 		if ( $spammed )
 			return new WP_Error( 'spammer_account', __( '<strong>ERROR</strong>: Your account has been marked as a spammer.' ) );
diff --git a/tests/phpunit/tests/user/wpAuthenticateSpamCheck.php b/tests/phpunit/tests/user/wpAuthenticateSpamCheck.php
new file mode 100644
index 0000000000..7f3b164058
--- /dev/null
+++ b/tests/phpunit/tests/user/wpAuthenticateSpamCheck.php
@@ -0,0 +1,46 @@
+<?php
+
+/**
+ * @group user
+ */
+class Tests_User_WpAuthenticateSpamCheck extends WP_UnitTestCase {
+	function test_wp_authenticate_spam_check_returns_user_when_single_site() {
+		if ( is_multisite() ) {
+			$this->markTestSkipped( 'This test applies to single site only.' );
+		}
+
+		$user_id = self::factory()->user->create( array( 'role' => 'contributor' ) );
+		$user = new WP_User( $user_id );
+		$actual_user = wp_authenticate_spam_check( $user );
+		wp_delete_user( $user_id );
+
+		$this->assertEquals( $user->user_login, $actual_user->user_login );
+	}
+
+	function test_wp_authenticate_spam_check_returns_user_when_not_flagged() {
+		if ( ! is_multisite() ) {
+			$this->markTestSkipped( 'This test applies to multisite only.' );
+		}
+
+		$user_id = self::factory()->user->create( array( 'role' => 'contributor' ) );
+		$user = new WP_User( $user_id );
+		$actual_user = wp_authenticate_spam_check( $user );
+		wpmu_delete_user( $user_id );
+
+		$this->assertEquals( $user->user_login, $actual_user->user_login );
+	}
+
+	function test_wp_authenticate_spam_check_returns_wp_error_when_flagged() {
+		if ( ! is_multisite() ) {
+			$this->markTestSkipped( 'This test applies to multisite only.' );
+		}
+
+		$user_id = self::factory()->user->create( array( 'role' => 'contributor' ) );
+		update_user_status( $user_id, 'spam', 1 );
+		$user = new WP_User( $user_id );
+		$actual_user = wp_authenticate_spam_check( $user );
+		wpmu_delete_user( $user_id );
+
+		$this->assertInstanceOf( 'WP_Error', $actual_user );
+	}
+}