Re: emails contain poisoned Word documents
What about the macro-enabled *.xlam, *.xlsm, *.xltm?
Or the old "encrypted zip archive with the password in the message body" dodge, well-loved by people bypassing email filtering for less-malicious (if still often foolish) purposes.
The whole point of spearphishing is to run a con on a specific target. Anyone who's studied that sort of confidence game knows that various counter-intuitive factors actually tend to improve the success rate. One is asking the victim to help initially, rather than offering a reward - victims who do so tend to fall prey to a version of the sunk costs fallacy, or a related one of acquired responsibility. Another is making it slightly more difficult for the victim to participate in the con (e.g. by having to open a password-protected zip file) - another version of the sunk-costs trap.
That's not to say that there's no value in filtering many of the file patterns associated with unsafe formats. Defense in depth.
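Added example, not part of the original comment: one way a mail filter could flag the two patterns raised in this thread, macro-enabled Office extensions and password-protected zip attachments. The function names and the sample message are constructed for illustration, and .docm/.dotm are an assumption added to the thread's extension list.

```python
import io
import zipfile
from email.message import EmailMessage

# .xlam/.xlsm/.xltm come from the thread; .docm/.dotm are added here as the
# macro-enabled Word counterparts (an assumption of this example).
MACRO_EXTS = (".xlam", ".xlsm", ".xltm", ".docm", ".dotm")


def scan_attachments(msg):
    """Return sorted (attachment name, finding) pairs for one parsed message."""
    findings = set()
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        data = part.get_payload(decode=True) or b""
        if name.lower().endswith(MACRO_EXTS):
            findings.add((name, "macro-enabled"))
        if not zipfile.is_zipfile(io.BytesIO(data)):
            continue
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                # Bit 0 of the general-purpose flag marks an encrypted member.
                if info.flag_bits & 0x1:
                    findings.add((name, "encrypted-zip"))
                # Member names stay readable in the central directory even
                # when the member data itself is encrypted.
                if info.filename.lower().endswith(MACRO_EXTS):
                    findings.add((name, "macro-enabled member: " + info.filename))
    return sorted(findings)


def build_sample():
    """Constructed message: one .xlsm attachment, one zip flagged as encrypted."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice.docm", b"placeholder member data")
    raw = bytearray(buf.getvalue())
    # The stdlib cannot write encrypted zips, so set the flag bit by hand:
    # the flag field sits at offset 6 of the local header, 8 of the central one.
    raw[6] |= 0x01
    raw[raw.find(b"PK\x01\x02") + 8] |= 0x01
    msg = EmailMessage()
    msg["Subject"] = "Documents (constructed sample)"
    msg.set_content("The password is in this message.")
    msg.add_attachment(b"placeholder bytes, not a real workbook",
                       maintype="application", subtype="octet-stream", filename="Report.XLSM")
    msg.add_attachment(bytes(raw), maintype="application", subtype="zip",
                       filename="docs.zip")
    return msg
```

Calling `scan_attachments(build_sample())` returns three findings for the constructed message; a filter would quarantine or hold such mail for review rather than try to open the archive.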