First - most of these places are running pretty advanced virus / malware scanners. So when you go to download a file from drive etc, a scan is done (at least for files that are not enormous).
This is actually a big issue sometimes for folks who use google drive, because malware will infect their files, they will then be synced to google, then blocked from downloading them ever again!
Even if you pay the ransomeware fee, google WILL NOT let you access your own files again. So years worth of files - GONE.
They do use different origins for these services. Google DOES actively ban users (everything, youtube, drive and email) from their service even users using google services (vs a third party upload service). Ie, if you are going to run a phishing scam, host the image on this service, not google, or your drive account + a lot of other stuff is at risk. I've even seen google follow links to other accounts your google account is an admin on, so can have business impacts and more.
I don't know where the idea comes from that google is very hands off on this stuff, they run a major spam fighting op that blocks lots of even potentially legit email, they do tons of scans through chrome, they do advanced stuff for opt-in domains on their paid platforms (even more intrusive but let's them pick stuff up behind password locked pages etc).
This last one can really confuse site owners, when NON PUBLIC content results in site bans.
This is actually a big issue sometimes for folks who use google drive, because malware will infect their files, they will then be synced to google, then blocked from downloading them ever again!
That leads to support requests list this:
https://support.google.com/a/thread/60528209?hl=en
Even if you pay the ransomeware fee, google WILL NOT let you access your own files again. So years worth of files - GONE.
They do use different origins for these services. Google DOES actively ban users (everything, youtube, drive and email) from their service even users using google services (vs a third party upload service). Ie, if you are going to run a phishing scam, host the image on this service, not google, or your drive account + a lot of other stuff is at risk. I've even seen google follow links to other accounts your google account is an admin on, so can have business impacts and more.
I don't know where the idea comes from that google is very hands off on this stuff, they run a major spam fighting op that blocks lots of even potentially legit email, they do tons of scans through chrome, they do advanced stuff for opt-in domains on their paid platforms (even more intrusive but let's them pick stuff up behind password locked pages etc).
This last one can really confuse site owners, when NON PUBLIC content results in site bans.