I've noticed a problem that still seems to exist within the web for digital goods like themes, scripts, ebooks, and other assorted turnkey stuff...
It would seem that there are still A LOT of people out there that host their websites without hiding directory listings on their folders that don't have an index.html/index.php file.
Is your site one of them? try going to a url on your website that goes to a folder that doesn't have the index.html file. IE:
http://www.yoursitebcndcvblah.com/images/
If it lists the contents of your folder then you are at risk of people finding your downloadable files by attempting to go to folders like /uploads/ /upload/ /downloads/ /download/ /dl/ etc . In this scenario, directory buster could also be used to easily find folders that weren't meant to be seen by the public. Beyond that point people could find your zipped products and download them without paying if they locate the folder you are storing them in.
Fix your .htaccess files!! I took a look through some of the users posts in the marketplace and I've noticed that many of those have directory listings enabled on their sites which turns into a loss of potential customers if those same people know how to get to your zipped products through the directories. This is a problem that really shouldn't exist for people in this kind of business but it is still alarming how prevalent the issue is.
Documentation on Options -Indexes
http://httpd.apache.org/docs/2.0/mod/core.html#options
Or dare I say on top of doing the htaccess change you could even put a php script as an index file in your downloads / uploads folders that logs IP addresses so you have a way to block theives or atleast identify who is trying to get to your files without paying for them