A simpler solution would be for clients to drop the misleading "verified" badges entirely.
For example, this is what I see on Gossip: 
Simple and straight to the point.
There’s a bunch of impersonation being done with NIP-05 because it currently just verifies to the domain name. This makes folks using directory services like nostr.directory, nostrplebs.com, and things like cash.app for verification difficult. Because I could be verified by those accounts and set my petname to jack or some brand name.
We’ve written up a updated proposal to add optional names that are verified at the service as part of the NIP-05 and a link back to the information that the verification service has about this nostr user.
Clients don’t need to implement this but it solves a lot of issues we’re seeing when people are using third party domains for verification.
https://github.com/erikwestra/nips/compare/master...nip-05-security-proposal
