Interesting way of cloning networks but still MAC addresses would differ. Original network has a MAC address of a router and clone network has a different MAC address of an access point.
You mean BSSID. It looks like a MAC address and in some cases it actually is one, but it’s not required to be. Each AP broadcasting for a given network will have a different one and I’m not aware of client side native behavior to alert or enforce a whitelisted set. Even if there was, you could easily spoof the BSSID too, just would need to war drive to get it.
I just mentioned basic security check but I don't know anything about corporate networks or how to manage them. One thing I know is that Microsoft has robust network directory service called Active Directory which "authenticates and authorizes all users and computers in a Windows domain type network—assigning and enforcing security policies for all computers and installing or updating software." So for example you could register all corporate access points to a Windows domain and no way you get connected to a wrong access point.
The article does make the same point. Basically companies could configure their WiFi in a more secure fashion but many won't. I'm certain many small companies use very basic setups similar to a home WiFi and at best will just change the WiFi password periodically.
This is why major OS providers are taking it on themselves to tackle some of these issues independently of the WiFi setup - like taking the location in consideration and warning you if you connect to the same network in a different location.
wpa_supplicant can be told that a network is non-BSSID-filtered, locked to a specific BSSID, and/or be provided optional black-, and whitelists of BSSID for that network.
Having multiple access points with different BSSIDs (sibling comment explains those) but the same SSID and credentials is how network roaaming works. As a client's signal strength goes down (and also periodically) it will scan for other APs. If one of those APs (with the same SSID and credentials) has a better signal, the client will usually switch to it to maintain good connectivity. For larger corporate networks it's fairly common to have multiple APs for one SSID to have WiFi connectivity over a larger area, but it's becoming common even in home environments with the two APs being 2.4GHz and 5GHz.
