The BitWarden example isn’t even comparable. It is 100% user error to use an unknown login portal based off an explicit paid advertisement result in Google.

A paper password book user would fall for the same scam but for whichever targeted sites. They are, in fact, more likely to get scammed because they lack an app like BitWarden which can identify and fill the actual portals thus removing the potential for error.

Password managers with a Yubikey are probably the strongest option for most people honestly.