This reminds me of a new exploit that I'll share a link about in a moment.
But what you have here is just someone trying to log in to your account which is sadly a normal thing today. You might think about TFA (two factor authentication) if you want to make it harder but there are downsides to TFA such as if you lose your phone or such, recovering your account may be impossible.
NOW ABOUT THAT NEW (to me) EXPLOIT. "I SENT YOU A CODE. GIVE ME THE CODE." EXPLOIT!!!
Look over https://imgur.com/gallery/kfLM5SY for what was to me a new social engineered exploit.
Seems a great way to take over someone's Google or other accounts. I can't quite put it into better words or story than you'll see at the Imgur link but let's just say that if you are conversing with someone you know or not, you'll have to be painfully security conscious today.
I received an email from Facebook with a security code. At the time of my email, my computers were off. When I use ipconfig, my IP address is something like 192.168.0. However, when I look at my activity log in Facebook, it lists the IP address as 96.44.xxx. If I log off Facebook and back on, the currently active user (which should be me!) shows a similar IP address to 96.44. I don't understand the situation. Should I be worried?
I don't know if I have location turned on. The location moves around when I log on and view security settings in FB. But it is within a 1 hour drive from where I am.