While I don't have rigorous metrics without digging deeply into my data, my impression is that far more than 50% of scams, phishes, etc. sent to non-Gmail addresses originate on (that is, are sent from) #Gmail (as demonstrated by the Received: line analysis, so not counting forgeries not actually sent by Google) and/or have their "payloads" -- what they want you to click on, located on GCP -- #Google Cloud.