I can't help with any techy advice but is it shared hosting and of so with which host.
And have you googled this issue with regards to that host? I only suggest this because I've had this a few times over the years with many users adamant that once a hacker has broken into one account they can get access to all the other domain on that server, although the hosting company refused to discuss the matter
and of course someone that can hack a site can disguise the sending domain
and do any of your scripts send email?
and have any new files appeared on your domain?
and has any new lines of code appeared in any of your likely scripts?
change logins and ftp passwords
all lo tech numpty stuff obviously