diff --git a/rules/falco_rules.yaml b/rules/falco_rules.yaml
index c9594eba..0e43af4d 100644
--- a/rules/falco_rules.yaml
+++ b/rules/falco_rules.yaml
@@ -2584,7 +2584,7 @@
 condition: >
 (open_write and (
 fd.name contains "bash_history" or
- fd.name contains "zsh_history" or
+ fd.name endswith "zsh_history" or
 fd.name contains "fish_read_history" or
 fd.name endswith "fish_history") and
 evt.arg.flags contains "O_TRUNC")
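Review bot: Narrowing `zsh_history` from `contains` to `endswith` silently drops coverage for suffixed variants — a copy or temp file such as `.zsh_history.bak`, or the `$HISTFILE.new` that zsh appears to write before renaming over the real file (worth confirming), would no longer trigger on O_TRUNC — while the neighbouring `bash_history` and `fish_read_history` entries keep `contains`, so the list now mixes two matching semantics without saying why. If the goal is to silence a specific false positive, an explicit exclusion such as `and not fd.name endswith "<noisy-name>"` keeps the original breadth and documents the exception; if the narrowing is intended, the rule should carry a comment like `# zsh uses endswith on purpose: <reason>` so the asymmetry is not "fixed" back later. The rule's name, description and output lines are outside the hunk, so I cannot see whether the commit explains the change there.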