The MFA we commonly use right now won't protect against phishing because, as I suspect you mean, the codes are not protected against being entered into the "wrong" site.
Proper MFA, like U2F/FIDO2/whatever-it-is-called-today, will protect against phishing because the visited site won't match the hash needed to complete the second-factor-auth-flow.
Yes it does, maybe not directly. Two examples, both 1Password and my Yubikey only autofill passwords based on the domain. I immediately get a tingle when I go to autocomplete a commonly visited website and it doesn't fill ... time to immediately inspect the URL for phishing etc. Those tools have definitely saved me multiple times.