TP: If you're able to validate that the publisher domain or redirect URL on the app is typosquatted and doesn't relate for the true id on the application. This detection identifies App consented to superior privilege scope, creates suspicious inbox rule, and made unconventional email look for things to https://hesioda691fkn8.wikissl.com/user
