We've just had an upgrade on the membership script we're running. This seemed to throw a lot of formatting out on the sales page and we were just going through and fixing it when... We saw this stuff..."<span style="font-size: 9pt; font-family: Verdana;"><a href="http://www.tearsea.com/store/lp/index.php?action=order" mce_href="http://www.tearsea.com/store/lp/index.php?action=order"><span style="color: rgb(51, 51, 51); text-decoration: none;"></span> " slap bang in out sales page! This is repeated in the code a few times! We have no idea how it got there or what is is. We have no connection with the url in this code snippet. We're pretty good at marketing but pretty basic at code... Some help would be real welcome! Thanks
If that url is not yours then you've had a spammer bot who's gotten access to your code. Recently I was reading an accessibility blog where the organisation had just gotten done telling people that it's ok to hide text if the text is there for accessibility. They got a message from Google saying that their hidden text seemed suspicious. After looking at it, it was a hidden list of some spammer's keywords and links-- somehow they had gotten onto their site. These weren't accessibility texts, just spam. What you need to do is remove that code wherever it appears. You can likely do it in a decent editor very easily. Then you need to figure out how this code got in. Look hard at third-party code you use (ads, banners, scripts...). When you find the source, inform them, as they may also actually not be the spammers but are being used by them.
For starters, you should check the file permissions on your files and folders. From there, you should contact the vendor of the script and ask them if they have any answers or if they have received other complaints about this happening with their script. If it's a membership script, and that is the cause, then that is very fishy (not saying it is the fault of the developers). Does the membership script just keep track of members and their logins and add new members? Or does it create custom pages for you members? You should also be concerned about any information about your members being compromised. i.e. email addresses or other private data.