Making it so that Metamask can only connect to websites that have a special Metamask authorization. That way scam websites wont be able to connect to Metamask because they cant get authorized. Also make it so that only a website that’s open on the current used tab can request connection to Metamask. Its so annoying having several websites constantly asking to connect to Metamask just because they are open on tabs.
You can disconnect the DAPP you do not want to connect at metamask
It doesn’t remove the problem with scam sites that looks almost identical to the original asking to connect. Many people have lost a great deal of assets this way. Authorization of legit projects and their original websites and Metamask only being able to connect to those it does.