There is a current scam ( I had to deal with it last year) where Indian/Pakistani customer service centres get contracts with ISP's and Hosts then use their access to install malware on your site or device, then inform you that you have to buy a tool to remove it, however the links from your ISP or host don't work, you call Support and they "help" you out by giving you a direct link. I refused to pay them and my IT guy removed the malware manually, they kept saying it wasn't done and they wouldn't reinstate my site until we used their "tool". Eventually when he said he was going to report them to the FBI (I'm hosted in the USA) they suddenly decided that the site was clean. My hosting company would have no idea this is going on as the only ways you can contact them is via their "Help" centre which is actually the problem!