This is an interesting issue where miscreant developers are using support and contact information from unrelated legitimate companies. You could argue this is exactly the kind of issue the App Store process is supposed to catch and it is. Metadata validation is the thing App Review checks on a very consistent basis. This particular issue though is time consuming and complicated to verify. If Apple wanted to solve this properly, it would need to tie email domains to registered developer Apple IDs which has its own set of problems.
At least in this case, the publicity of Steamclock’s blog post caught the attention of Apple developer relations and the bad app was pulled. This is probably a pointer towards the most likely solution for this on a wider basis: a ‘report a problem’ system that understands this is an issue that needs addressing by Apple, not individual users.