As far as I know, the receiver cant get tricked assuming:
- The receiver has had his bitcoin address ready(probably pre-copied address to his notes app, or a screenshotted QR code)
Even if the bitcoin address is pre-copied the host can generate fake transaction on "fake blockchain" on which visitor is connected.
- The receiver is viewing his bitcoin address through a reputable and untampered app(Mycelium, Electrum, etc)
Yes, if he is using a reputable app he can't be fooled by a fake transaction as it will not appear on his app.