Thank you both. I will sign-up for Securi once I get a new site up.
This mess started when I had to be moved from my initial server to another due to email issues. (I use Arvixe for hosting and Domain.com for registrar.) It seems the hack occurred with the move, but I can't prove it.
The hackers are sending via the "default" email address, which is my cPanel login name @ mysite.com. I don't know how to stop it other than changing my login, but one of the techs said that isn't possible. I've requested a move to another server which will change the IP as well.
As fast as I changed/fixed things, they were just as fast to undo them. After hours of this, I had enough and uninstalled WordPress from the site. The two emails associated w/WP and the site (one for an information form and another w/WP for the site) were also deleted. I hope that I didn't make more problems, but the frustration got to me.
Until I get a new login, however, the "default" email will remain, and I fear more problems.
It is a terrible feeling- creepy, in fact.
Arvixe seems to be having some tech support issues, and nobody is returning calls or emails. I was lucky to get through once yesterday am, but silence since.
I have been in touch with PayPay and let them the circumstances. I also put a generic index page on the site telling visitors what happened.
Other than this, I am not sure what else to do since tech support is non-existent.
Thanks again. I don't think I'll rebuild in WP after this experience. :/