A deanonymizing dust attack works by sending dust to large amounts of addresses. The assumption is that when people send transactions/perform consolidations in the future, dust from multiple addresses will be grouped into a single transaction, thus revealing many addresses controlled by a single entity, since the dust would be swept in a single tx.

(this is somewhat of a simplification, since most parties interested in performing such attacks will also be using other data to group together multiple independent txs).

The best way to prevent against this attack is to:

Never spend dust in a transaction that consumes inputs from addresses that have not previously been linked by a transaction.
Don't spend dust at all.
This will lead to some utxo bloat, but if you are reusing your addresses, you can spend the dust when spending another utxo from the same address. If you are not reusing addresses, simply never spend it.

Some wallets, such as the Samourai Wallet (no affiliation), provide an option to mark dust as unspendable. For systems that you build, you will have to ignore such outputs yourself.