If you made no changes in your account or oscommerce script and this happened suddenly then there is a good chance your oscommerce script is compromised. This usually happen cause an outdated version of the script or cause a vulnerability you may have in the core oscommerce script files or in any oscommerce modules or plugins you have installed.
Check if any of your oscommerce files have a code similar to:
eval(base64_decode('aWYoZnVuY3Rpb25fZXhpc3RzKCyRHTE9CQ'));
This is a common php injection method, usually you will find it at the beginning or at the end of the file.
If is the case, you will have to delete the installation of oscommerce and restore it from a good backup or install it as new.
To avoid this happen in the future make sure to keep your script version up to date. For additional support please check the the oscommerce support forum.
