If this was going to happen, it would have already happened on Android, Gmail, OneDrive, or any of dozens of services which already do what Apple is now doing.

Or are you saying that malicious activity is only interesting if it was on an Apple device?