As I pointed out on the mailing list observing the chain for matched orders tells you nothing about whether or not those orders were ever published; that is, whether or not they're entirely fake and don't represent actual market depth.
As I said in the text you quoted, a filtered average over previous block solves this. Unless you are assuming the attacker has majority hashrate, in which case you're screwed anyway.
An attacker who wanted to give a false impression of market
depthactivity and/or prices could simply publish completed transactions to himself on the blockchain and have nothing to do with the mining process. These transactions would never be propagated as unfilled orders on the network, only as completed transactions. Forcing unfilled orders to propagate through the network, and be published in the blockchain, ensures that these orders are real, as they could be matched and filled by anybody.