1) Check to make sure all of your login credentials to whatever control panel you use are secure and unique. Change them if you haven't already.
2) Remove any authorized_keys in the .ssh directory unless you know they belong there. Similarly, any 'additional accounts' that might have access.
3) Check your crontab. This might show up as 'scheduled tasks' or something similar in your control panel. If there is something there that you don't already know about, it means your account did get compromised somehow.
4) Check any other scripts that you might be running. Any file with an execute permission set that is not a directory is suspect. Ideally, you should have zero.
5) It is possible that another account on your host's server is compromised. Make sure all global and group write permissions are disabled. chmod 644, generally.
In that order.
It's also possible that the host, itself, is compromised. There's little to do in that case except go to a better host, I'm afraid.