Yeah, quite a few people got suckered into it, including a couple that I know of that should have known better.  They were so excited about getting 2FA that they didn't think.

Remember people (old and new alike): Never click a link in an email, unless you were expecting the link. And even then, if you get prompted for any information, don't do it. Always type the correct address for a website yourself.