Yes, I agree, and that’s why I put a “would it make sense” in front.
From what I know this first came up in 2014/2015 and there was a more recent case reported at the end of 2017 after being active for over one year by targeting “not only Bitcoin, but also Ethereum, Zcash, Monero, Dash, Dogecoin” (https://www.kaspersky.com/blog/cryptoshuffler-bitcoin-stealer/19976/)
I decided to suggest a normal use case. My original idea was to use my smartphone as a little OCR scanner, reading the address from the desktop screen. Then I copy&paste the address on desktop into a little tool who sends my (or the faked) address to the app on my smartphone (like a little chat tool). the OK or KO then would be resulting there. The problem with this idea is that as soon as the desktop tool is known the adversary again could adapt and skip fake pastes into it. Maybe it would make sense for a well-known messenger app like telegram to have such an “ocr verification” because it can get the address through his messaging protocol and not the clipboard.
It’s just writing some thoughts out publicly because I don’t like the idea that I have to manually double check every single byte of every transaction address for the rest of my life.