~snip~
I'd be much more concerned if an address changes before I see it on my screen. Let's say you deposit to an exchange, but the deposit address on your screen is changed already before you copy it. That would mean the address on the hardware wallet matches the address on your monitor, but it's not the exchange's address. I have no idea how (un)likely this scenario is, but it's always on the back of my mind when making a transaction. And it's impossible to verify.
And I always wonder if something like that is possible, because in that case the verification on the hardware wallet would be completely pointless. However, for something like that to happen, hackers would have to have some kind of super access to that user to be able to do something like that. Maybe if they managed to install a remote access trojan on the user's computer, they would gain full access and be able to completely manipulate such things.
I think the only way we can protect ourselves from such a scenario is to use air-gapped wallets and separate computers for cryptocurrencies. If hackers don't have access to our devices, then they can't do anything to us.