This dodgy username business will never be a thing of the past. I was going to recommend employing a twofold/two-way ‘cookie’ system that I have heard of recently, but even that is easy to get past.
Simple measures such as a blatant notice asking double registries to back off or something similar should regulate the problem to an extent – don’t you think?