This problem isn't limited to Bitcoin, and applies to any kind of financial transaction conducted over an insecure channel, which is exactly why you're supposed to always use HTTPS for financial transactions. I thought everyone knew that already?

True, you cannot modify a transaction after it has been sent, but the question is about changing a bitcoin address as it appears on, eg, a store's webpage, in order to trick users into sending coins to the wrong address.