What is stopping them from showing the TFA screen and asking for you to type the number?

Well, Google TFA doesn't ask you to type your number (and others only some digits) so it probably would rise a red flag big enough to "awake you" from auto-pilot, I hope.

I assume you're using the type of 2FA where this is not the case. We are discussing the type of 2FA where Google does ask you to enter your number. I.e, TOTP. When I log into Google, it asks me to type my 2FA number in.

Ah, I didn't know Google offered TOTP. I only had the option of mobile phone SMS 2FA.