This security risk is balanced by the correspondingly increased number of nodes, given an equivolent Bitcoin Network Cost, where:
Bitcoin Network Cost = Data Size * Decentralization.
You can't arrive to meaningful conclusions if you base your reasoning on undemonstrated equalities.
All nodes maintain a full copy of the blockheaders. If you can prevent a node from obtaining a block then you can denial of service the validation of the chain but you can't trick a node into thinking a block doesn't exist. An attacker can't fake the content because that would require a preimage of the blockhash. If an attacker has the valid block his only option is to not provide that block but that exists today with full nodes. If all your peers refuse to provide you a requested block you can't validate the chain. This however is limited to a denial of service. If a full node hasn't received all the blocks then it hasn't synced and it can't validate transactions anyways. If it is then the node is flawed and insecure.
With the blockheaders of the longest chain a node knows the full set of blocks that exist. It may not know the contents yet but it already knows they exist.
Yes, I was reasoning in the context of a "hey, i'm getting back online, what's the network been up to?" scenario.