if you're still using a simple 2fa app, you're basically shouting "hack me" to the world - get a serious one that warns you about clever phishing attempts like this https://www.reddit.com/user/jacobs-tech-tavern