I would say to check the first and last 5 characters of an address and also 5 in the middle, as someone who creates vanity addresses might be able to come up with an address with the first 5 and last 5 the same as your real address. In fact, I know that this is already happening, so I would add to verify 5 more characters in the middle. Also, doing voice verification adds a layer of security as well. For example, if your friend is sending you a BTC address, it should be followed with a voice message from him with the first, middle, and last 5 digits.
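The check described in the post above, as an added Python example that is not part of the original post. The two addresses are constructed strings, not real wallets, and the function names and the reading of "middle" as a centred window are assumptions.

```python
"""First/middle/last segment check for a pasted address (added example)."""

SEG = 5  # characters per segment, as suggested in the post

# Constructed sample data: Base58-looking strings, not real addresses.
EXPECTED = "1Kx9P" + "mT4vWz8RbN6cHj3LsGyE5fUa" + "2Qd7Y"
# Constructed lookalike: same first 5 and last 5, different interior.
LOOKALIKE = "1Kx9P" + "aH7eQx2DnK9wVr5MpBtC3gZu" + "2Qd7Y"


def segments(addr: str, n: int = SEG) -> tuple[str, str, str]:
    """Return the (first, middle, last) n-character segments of an address."""
    addr = addr.strip()  # clipboard pastes often carry stray whitespace
    if len(addr) < 3 * n:
        raise ValueError("address too short for three non-overlapping segments")
    mid = (len(addr) - n) // 2  # assumption: "middle" means a centred window
    return addr[:n], addr[mid:mid + n], addr[-n:]


def compare(expected: str, candidate: str, n: int = SEG) -> dict[str, bool]:
    """Compare a candidate against the expected address, segment by segment."""
    exp, cand = segments(expected, n), segments(candidate, n)
    names = ("first", "middle", "last")
    result = {name: a == b for name, a, b in zip(names, exp, cand)}
    # A different length shifts the centred window, so report it explicitly.
    result["same_length"] = len(expected.strip()) == len(candidate.strip())
    result["accept"] = all(result.values())
    return result


def readback(addr: str, n: int = SEG) -> str:
    """Text for the sender to read aloud in the voice message."""
    first, middle, last = segments(addr, n)
    return f"first {first}, middle {middle}, last {last}"


if __name__ == "__main__":
    print("sender reads:", readback(EXPECTED))
    for label, addr in (("genuine", EXPECTED), ("lookalike", LOOKALIKE)):
        print(label, compare(EXPECTED, addr))
```

The lookalike passes a first-and-last comparison and is rejected only because the middle segment differs.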