The QR code in question was used by Bitmit (note: I am not accusing them of anything; the amount encoded was in this case the correct one.) The wallet software was Andreas Schildbach's Android app. Perhaps a confirmation screen in said software would be a good patch.

I honestly don't see Bitcoin transactions happening in brick-and-mortar businesses. The time to clear a transaction is just too long. This is not a problem for online businesses, however.