This is why we wait for 1 confirmation before we send out. In case someone tries to double spend.
Well, but that's not enough:
1. Check for transaction fee, if 0 and amount is small, assume its a double spend.
2. Use some service like blocktrail and check the double_spend flag (not working in some cases).
3. Implement your own double spend prevention, assuming your running a full node+rpc:
3a. After you get the desired tx start a loop of lets say 1min.
3b. Use getrawmempool and grab every transaction in the mem pool.
3c. Parse each transaction and check if any of the VIN's matches your original transaction VIN.
3d. If after 1min no other transactions match the VIN, you can say its not a double spend.
With any of the above methods your still vulnerable to finney attacks (blockchain forks) and some race attacks, but your dramatically reduce your chances of getting attacked.