I have been trying to contact technical support without success.

I received an SMS supposedly from Binance informing me of a scheduled withdrawal.

The most serious thing is that the message includes my anti-phishing code.

How did they obtain my data including my anti-phishing code? This is supposed to be an extreme level of protection for my account.

How did they access my account with two-factor authentication?

I have never used API keys.

I never did P2P.

I did not publish my ID.

I did not use public networks or PCs.

I never made withdrawals.

This smells quite bad.

Has anyone else experienced this?

Any advice?