For the traditional finserv houses this rarely is a problem. In their very competitve world the main problem is when customer wasn't able to place a trade when s/he wanted to. Besides, whatever authentication was used at the protocol level it will never be a single line of defense. There are always some other form of order-stream monitoring tools running behind.

For small-timers the trades are reversible and they are insured.

For big-timers there are VPNs and dedicated connections.

And pretty much everyone, big or small, can place an order over the analog phone line, including wireless where there still is analog wireless available.

Edit: also, FIX (and others) are connection-oriented giving additional measure of monitoring and safety.