I used to think that multi sig is enforced on chain and the chain would require signature of both keys to move the funds.
But, there's no way to distinguish if a P2SH is multi-sig. It's in the form of "OP_HASH160 <script hash> OP_EQUAL". If you want to avoid the scenario wherein you've been attacked alike, use
P2MS where you include the public keys beforehand instead of a script hash.
Note that P2MS comes with disadvantages:
Why do we now use P2SH instead of P2MS?
Because by using P2SH you can avoid the disadvantages that come with a “raw” P2MS script:
1. P2MS has no address format. So if you want someone to put a P2MS lock on your bitcoins, you will need to construct and send them the raw locking script yourself. Worse still, they may not be able to create this transaction for you, as most wallets only allow you to use addresses (and not raw scripts) when making a transaction.
2. P2MS is limited to 3 public keys.1 The locking script of a P2MS can get pretty sizeable with all the public keys, so it’s limited to 3 (to prevent too much data being stored in in the UTXO set). However, with P2SH you can use multisig locks with up to 15 public keys.
So you can still use P2MS if you want, but it’s more convenient to use P2SH to achieve the same thing instead.