I spent some time talking to Sticky engineers a few months ago. It has a lot of backend and hidden detections for compromises, phishing and tampering. There is a brute force detection system as well. You can test one of the features by changing the time-zone on your PC. Sticky will detect your database is being logged into or tampered with on a machine in a different time zone than you are usually in and lock the database. It will also detect phishing and redirection as you noted - among other things. While sticky uses AWS, it doesn't use their crypto. You shouldn't see any background telemetry/logging/traversal from Sticky unless the database is syncing which I find is a good policy of theirs contrary to many others.
Bit Warden is good, and the developer is on the ball IMO.