You could easily avoid this problem by providing a letter of guarantee. A rogue tor node won't be able to sign a message with an address, that is under your control.
This doesn't solve anything: if the rogue Tor node change a deposit address, they can also sign a Letter of Guarantee from any address under their control, and display said address as the "official" one.
Just use .onion if you use Tor.
Besides, from a technical perspective, the lock icon displaying whether the connection is encrypted is pretty much like the suggested "letter of guarantee", except more reliable and less complicated.