Abusing Bandwidth Limit

Hi,

A lot of cloud provider plans, such as the $5 digital ocean plan, have limits on egress bandwidth. If I were to set up some public-facing services on machines under these plans, how could I prevent malicious actors from spam-requesting my services to exhaust all my bandwidth or drastically increase my expenses. Has this happened to people?

I guess it would be pretty similar to a DDoS attack, except with a less harsh end-goal?