If you have detected a common pattern that exists for these copycats you can tie in a list of requirements that when detected to be changed/different than what expected you can do something about it. For example, if the extension is suppose to only run on a specific list of URLs, but the manifest reports permissions for everything -> now it knows the extension is a copy cat, you can do something about it, whether it is a warning to the user, or disabling/crippling the extension, etc.
Same thing can be done with the description and name, all of them are accessible from the manifest API so you can cross-match with a list of your own inside the script and if anything isn’t as it should, do something to the script.
Suggestion: whatever you do, do it after a couple of days after it was installed so they (the scammers copying your extension) can’t tell right away what is going on from a quick installation test, but long term users will eventually see/feel it.