Let's pretend for the sake of argument you are one of the good guys - I believe you, but how can an even-less-technical user be sure?
Could something be done during routing traffic in the internet at large to block port 53 for an IP address or a range of IP addresses when there is reason to believe malicious redirection is occurring?
Is protecting a mostly-non-technical majority from falling for DNS-based bait-and-switch tricks worth having to appeal an occasional false positive?
Outside of the scope of TFS:
What do you do with your DNS?