M365 Secure score - Turn on the common attachments filter setting for Anti-malware on EOP
This filter will help us to prevent certain types of files that are risker to send and receive via emails. To make sure these file types don't get through, enable the common attachment filter.
How to access - https://security.microsoft.com/ then go to Policies & Rules > Threat policies > Anti-Malware
It will have a long list
You can use the default list of file types or customize it.
Messages with the specified attachments types are treated as malware and are automatically quarantined.
Change notification status to different organization requirement.