A very common source of infection is email. Everyone uses email and threat actors take advantage of it. Either in the form of phishing (more on that in a later post) or in the form of malicious attachments.
There are very advanced protection options within Office 365. Whether it be within Exchange Online Protection, which is included in all Office 365 / Exchange Online plans, or within Safe Attachments, which is an extension within Microsoft Defender for Office 365.
But a very effective protection is the very simple blocking of unwanted file types within email attachments. You simply block what is unwanted, making it very easy and effective to block many potentially malicious files.
How to block file types in email attachments
In the Microsoft 365 Security portal, go to Policies & rules under Email & collaboration. Click on Threat policies and select Anti-malware. Here you can either create a new policy or edit the default policy.
In the policy, click Edit protection settings and click Select file types at the top. Here, select all the file types you want to block in email attachments. I recommend selecting everything that you don’t need to work. It’s usually a good idea to block everything except basic document types like PDF, doc, docx, xls, xlsx, etc.